Cybersecurity should be embedded into the way 'smart' consumer devices are made, the UK government has said.
The government has, in collaboration with industry and the National Cyber Security Centre, developed a security by design report.
This report sets out the Government's work to help ensure the consumer "internet of things" (IoT) is secure by design, with security built in from the start.
This report advocates a fundamental shift in approach: moving the burden away from consumers having to secure their devices and instead ensuring strong security is built into consumer “internet of things” (IoT) products by design. It also sets out the need for greater action by Government and industry, and proposes a range of measures to better protect citizens and the wider economy.
The central proposal of this report is a draft Code of Practice aimed primarily at manufacturers of consumer IoT products and associated services. It has been developed through extensive engagement with industry and subject matter experts and sets out thirteen practical steps to improve the security of consumer IoT.
IoT security is a global challenge requiring global collaboration. The Government is working with international partners and through international organisations to collectively take action to secure consumer IoT products and associated services at every stage of their lifecycle.
The publication of this report, and particularly the draft Code of Practice, is intended to stimulate further dialogue with industry, international partners, academic institutions and civil society. Further details on how to provide input on the proposed interventions are included in the report.