comment on this article

Security report urges IoT manufacturers to ‘get smart’

More than 400million smart devices are expected to be in use across the UK within three years and the Department for Culture, Media and Sport (DMCS) believes these could be exploited as part of large-scale cyber attacks. Looking to counter such threats, those developing ‘smart’ devices, such as televisions, toys and speakers, will be expected to build-in tough new security measures that last the lifetime of the product.

According to the Government, it will work with industry to implement a rigorous code of practice to improve the cyber security of consumer internet-connected devices. Margot James, Minister for Digital and the Creative Industries, said: “We have worked alongside industry to develop a tough new set of rules so strong security measures are built into everyday technology from the moment it is developed.

“This will help ensure that we have the right rules and frameworks in place to protect individuals and that the UK continues to be a world-leading, innovation-friendly digital economy.”

The initiative is described as a key part of the Government’s five year, £1.9 billion National Cyber Security Strategy, intended to make the UK the most secure place in the world in which to live and do business online.

The Secure by Design report, developed in conjunction with the National Cyber Security Centre, outlines way to embed security in the design process, rather than ‘bolting’ security on as an afterthought.

Dr Ian Levy, the NCSC’s technical director, said: “We are pleased to have worked with DCMS on this vital review and hope its legacy will be a government ‘kitemark’ clearly explaining the security promises and effective lifespan of products.”

The report outlines practical steps for manufacturers, service providers and developers. This urges firms to make sure:

  • All passwords on new devices and products are unique and not resettable to a factory default, such as ‘admin’;
  • They have a vulnerability policy and public point of contact so security researchers and others can report issues immediately and they are quickly acted upon;
  • Sensitive data which is transmitted over apps or products is encrypted;
  • Software is automatically updated and there is clear guidance on updates to customers;
  • It is easy for consumers to delete personal data on devices and products;
  • Installation and maintenance of devices is easy.

Alongside these measures, the report proposes developing a product labelling scheme so consumers are aware of a product’s security features at the point of purchase. The Government will work closely with retailers and consumer organisations to provide advice and support.

Author
Graham Pitcher

Comment on this article


This material is protected by MA Business copyright See Terms and Conditions. One-off usage is permitted but bulk copying is not. For multiple copies contact the sales team.

What you think about this article:


Add your comments

Name
 
Email
 
Comments
 

Your comments/feedback may be edited prior to publishing. Not all entries will be published.
Please view our Terms and Conditions before leaving a comment.