WIREDGOV

By 2020, over 12bn consumer devices will be internet connected.  From your smart meter to your smart TV, these IoT devices can bring a range of benefits to consumers like greater user experience & lower costs.

Concerns, however, have been raised about the poor security inherent within some of the connected consumer devices currently on the market and the lack of incentives for manufacturers to build security into the devices from the outset.  Some of this is down to the lack of awareness amongst consumers of security weaknesses when buying devices, whilst others have argued that the multitude of standards & guidelines out there have made things too complicated for those creating IoT products & services.

That is why we at techUK were so keen to support the DCMS in its ‘Secure by Design’ review, since it sought to address these problems by:

• Creating a Code of Practice (CoP) for manufacturers of consumer IoT products & services
• Mapping guidelines in the CoP to existing UK & international recommendations & standards
• Issuing consumer guidance on smart devices in the home

The publication of the CoP is a watershed moment for the UK IoT and cyber security community.  Developed in consultation with experts in government, industry & academia, the CoP outlines 13 guidelines that manufacturers of consumer IoT should implement into their product’s design to keep consumers safe & secure, ranging from the removal of default passwords to keeping software updated.

What has been refreshing about the development of the CoP has been the enthusiasm from a range of stakeholders to get this right.  From manufacturers & retailers to consumer groups and trade bodies, there has been agreement that we have to move the burden of responsibility for ensuring the security of the devices away from the consumer to one where strong cyber security is built into consumer IoT products by design and consumers can easily set up & manage a device in a secure manner.