ETSI Publish Cyber Security Standard for Consumer IoT
First globally applicable standard for consumer IoT rules out default passwords and requires vulnerability disclosure.
ETSI, the European Standards Organisation have this week released the first globally applicable cyber security standard for consumer IoT devices. The standard, ETSI TS 103 645, establishes a security baseline for internet-connected consumer products and provide a basis for future IoT certification schemes. It builds closely on the UK's Code of Practice for Consumer IoT Security which set out a list of 13 Commitments. The standard focuses on the top three of these which are generally regarded as the highest priority.
The standard requires implementers to forgo the use of universal default passwords, which have been the source of many security issues. It also requires implementation of a vulnerability disclosure policy to allow security researchers and others to report security issues.
Matt Evans, Director of Market Programmes, yesterday said
"Our own research shows thatpoor security is a barrier to greater adoption of Connected Home devices and services. If we are to deliver the very real benefits that IoT can make to people's life's we must address these justified concerns and therefore welcome the publication of the ETSI standard. We encourage companies to engage with both the standard and the UK Government's Code of Practice as these are developed further."
Latest News from
Tech Nation chooses 20 companies to join Cyber growth programme18/04/2019 16:25:00
The programme, funded by DCMS, aims to help grow and scale the UK’s most promising cyber scale-ups.
Register now for event aimed at new Defence suppliers18/04/2019 11:25:00
An event focusing on Radio Frequency (RF) is to be held at Cranfield University looking for large non-defence 5G and SDR providers.
Home Secretary sets out new approach to tackling violent crime17/04/2019 11:25:00
techUK’s Justice and Emergency Services Programme Manager, Jessica Russell, yesterday responded to the Home Secretary’s announcement.
techUK response to the ICO’s draft Age Appropriate Design Code17/04/2019 09:15:00
Ben Bradley, Senior Policy Manager at techUK, responds to the ICO’s draft Age Appropriate Design Code.
Online Harms White Paper: where to next?16/04/2019 12:25:00
techUK's Ben Bradley, Senior Policy Manager, offers an insight into the Government's Online Harms White Paper.
techUK comments on the decision to extend Article 50 until 31 October12/04/2019 11:05:00
techUK CEO Julian David yesterday commented on the decision by the European Council to extend Article 50 until 31 October.
World Class Policing Awards 2019 nominations OPEN!11/04/2019 09:20:00
Nominations are now open for the World Class Policing Awards 2019, which "will honour the very best in policing at a prestigious awards ceremony" in November this year.
European Commission takes forward expert group’s AI guidelines09/04/2019 10:15:00
Overview of the High-Level Expert Group on AI's Trustworthy AI guidelines and the next steps proposed by the European Commission.