Secure by Design
The UK Government is planning a new law to make smart devices, products like cameras, televisions and household appliances which connect to the internet, meet new security standards and to help ensure products are ‘secure by design’.
New voluntary assurances scheme have been launched to give consumers confidence that their smart products have been made cyber secure, thanks to a government grant. Three successful bidders have piloted separate assurance schemes to explore different aspects of the consumer Internet of Things (IoT) landscape.
The IASME IoT Security scheme certifies internet connected devices against the most important security controls. This initiative is open to start-ups and smaller companies. This is based on a self-assessment and reviewed by an assessor. Devices that are certified to the IoT Security Assured scheme will display a logo to reassure consumers that their device meets these basic security requirements.
Organisations looking to improve their cyber security and protect themselves from the most common cyber attacks should look to achieve Cyber Essentials. This simple and effective scheme is designed to guide organisations through a self-assessment questionnaire that will assess your organisation against five basic security controls. These controls will immediately strengthen your cyber defences against internet based attacks. A new Cyber Essentials Readiness Tool, developed by IASME, was launched at CyberUK earlier this week. This tool asks organisations questions related to the main Cyber Essentials criteria and provides tailored advice in preparation for Cyber Essentials certification.
NCSC has produced guidance on smart devices and using them safely in your home. For more information on the government’s work in this area, please see Secure by Design document collection.
Digital Security by Design (DSbD) has launched up to £6 million two-phase competition for UK businesses and academia to collaborate on digital security by design business-led demonstrators. This funding is from the Industrial Strategy Challenge Fund and is investing in projects to help the UK digital computing infrastructure to become more secure. The deadline for applications is the 26th May. Apply here.