Databarracks: UK should follow the US’ lead in IoT cyber-security legislation

Databarracks: UK should follow the US’ lead in IoT cyber-security legislation
18.03.2019 11:19 am

Databarracks: UK should follow the US’ lead in IoT cyber-security legislation

Security , Data

A bill to secure government use of IoT technologies was introduced to the United States Congress last week. The UK should not only follow suit – taking regulatory measures to secure government IoT technology use – but expand this further, to include business and consumer use too, says business continuity and disaster recovery firm, Databarracks.

The UK Government has been proactive in addressing IoT security risks publishing the Secure by Design report in March of 2018 and introducing a Code of Practice for consumer IoT security. Peter Groucutt, managing director of Databarracks, argues that the only way to sufficiently address the issue of IoT security is to legislate.

“The UK Government has already made good progress in bridging the IoT security gap. The content, guidelines and recommendations in its Code of Practice for IoT consumer use are excellent. It addresses the most fundamental cyber security practices in order of criticality and importance. But the scheme doesn’t prohibit non-compliance, and is limited to consumer use. In light of this, we should set a positive example by enforcing minimum security standards for all use of IoT.  

“Our lack of regulation means we see instances as serious as insecure children’s smartwatches. The Code of Practice will be adhered to by the diligent parties in the IoT supply chain, but it won’t prevent less committed companies favouring profit over security and pushing insecure products to market. The same company that produced these smartwatches was also found to be making insecure video baby monitors earlier previously.”

Groucutt continues: “The Code of Practice is currently only for consumer devices such as health trackers, smart home assistants and children’s toys and monitors. We recommend extending this reach as IoT devices aren’t just limited to the consumer world. Increasingly, we see them on corporate networks, which are only as strong as their weakest links. For example, research by Princeton University recently warned about vulnerabilities to national power grids stemming from networked home devices, such as TVs and fridges. We advocate making the Code legally enforceable which is thankfully something the government is already considering and is an approach supported by several cyber experts.

“There is the argument that government interference might limit the UK’s ability to compete with other less regulated markets. But device security is now so fundamental that better regulation could be a competitive advantage and differentiation point for our manufacturers, service providers, developers and retailers.” concludes Groucutt.

Related News

New McAfee Report Finds Eighty-Seven Percent of Companies Experience Business Acceleration from Use of Cloud Services

McAfee, the device-to-cloud cybersecurity company, today released a special edition of its Cloud and Risk Adoption Report, focused on the business impact of cloud services and... Read more »

ECB Chooses SIA and COLT for the Access Network to the Eurosystem’s Payments, Securities and Collateral Infrastructures

SIA, in partnership with Colt Technology Services, has won a tender commissioned by the European Central Bank for the provisioning of connectivity services allowing European... Read more »

F-Secure Countercept premieres at U.S. Gartner Security & Risk Management Summit 2019

F-Secure Countercept combines teams of highly skilled threat hunters and incident responders with cutting-edge technology to deliver a comprehensive, real-time managed... Read more »

Fraud Prevention and Identity Verification Technologies at Identity Week London

Identity Week comprises three world-class events –Digital:ID, Planet Biometrics & Security Document Week– all focused on the concept of identity verification Gradiant is... Read more »

Entrust Datacard Completed Acquisition of nCipher Security

Entrust Datacard, a leading provider of trusted identity and secure issuance technology solutions, completed its previously-... Read more »

F-Secure Wins Best Advanced Persistent Threat Protection Category at SC Awards Europe 2019

F-Secure Countercept was announced as the winning solution in the Excellence Awards: Best Advanced Persistent Threat (APT) category at the... Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel