|
» THE IMPLEMENTATION of the PTSI Regulations in April 2024 intended to strengthen the security of consumer smart devices. A little over a year later, DHF is reflecting on its impact, assessing its effectiveness, and considering the future for IoT security.
With the Product Security and Telecommunications Infrastructure( PSTI) Regulations now law in the UK, this requires manufacturers of consumer IoT products to meet minimum cybersecurity standards. From 29 April 2024, products must eliminate default passwords, provide a
|
clear vulnerability disclosure policy, and be transparent about security update support timelines. Non-compliance with these measures can lead to significant penalties, including fines of up to £ 10 million or 4 % of global revenue, enforcement notices, and product recalls.
“ In the year following the enforcement, many manufacturers have faced significant challenges in achieving full compliance,” explains Michael.“ These include uncertainty around product scope; supply chain hurdles, because importers and distributors now also share
|
responsibility under the PSTI Regulations; implementation delays due to the complexity of managing compliance across new and existing inventory, and difficulties in producing the required Statement of Compliance( SoC), as defined in Schedule 4 of the PSTI Regulations 2023.”
To support the industry, DHF has held several free educational webinars for its members, the DHF Cyber Security committee was formed and a number of initiatives and campaigns are being created.
To further assist manufacturers, Secured by
|
Design( SBD), in collaboration with the Department for Science, Innovation and Technology( DSIT), has introduced the Secure Connected Device( SCD) certification; to evaluate products against all 13 ETSI EN 303 645 provisions and support industry leadership in security innovation; enhancing trust with distributors, retailers, and consumers.
www. securedbydesign. com / internet-of-things
|