UK Government Planning on New Laws for IoT Devices Including a Mandatory Security Labelling Scheme

By CircleID Reporter

The UK government on Wednesday announced plans to introduce new laws for internet connected devices to better enforce the inclusion of basic cybersecurity features into IoT devices. Measures will include labeling requirements — from the press release: “The Government will be consulting on options including a mandatory new labeling scheme. The label would tell consumers how secure their products such as ‘smart’ TVs, toys and appliances are. The move means retailers will only be able to sell items with an Internet of Things (IoT) security label.”

The government has narrowed its plans to three security requirement: 1) IoT device passwords must be unique and not resettable to any universal factory setting; 2) Manufacturers of IoT products provide a public point of contact as part of a vulnerability disclosure policy; 3)

Manufacturers explicitly state the minimum length of time for which the device will receive security updates through an end of life policy.

Mandating retailers: Also considered is mandating retailers “to not sell any products that do not adhere to the top three security requirements of the Code.”

Follow CircleID on Twitter

More under: Cybersecurity, Internet of Things, Law, Policy & Regulation

Read more here::

Posted on: May 1, 2019

Leave a Reply

Your email address will not be published. Required fields are marked *

Captcha loading...

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: