UK and Singapore sign IoT security agreement

The UK and Singapore have signed an agreement on embedding security in the Internet of Things (IoT).

It forms part of a wider strategic partnership on areas of common interest, with both countries seeking to ensure that connected devices have security built-in by design.

Ciaran Martin, chief executive of the UK National Cyber Security Centre (NCSC), and David Koh, chief executive of the Cyber Security Agency of Singapore, signed the declaration this week.

Both nations have committed to promoting good practice as set out in relevant industry global standards.

Three areas of focus of the agreement are: discontinuing the most blatant security shortcomings - such as the use of universal default passwords - normalising vulnerability disclosure processes across the IoT industry - so that researchers can report security vulnerabilities and manufacturers respond quickly - and encouraging the development of software security updates to protect the technical ecosystem through the entire lifetime of IoT products.

Martin stated that the growth of internet enabled devices poses a serious security risk. “Without a way for consumers to judge the security of the products they buy, millions of interconnected devices and the data they contain could be vulnerable to cyber attacks.

“The security-by-design UK-Singapore IoT statement will drive improvements in the security of smart consumer products,” he added.

Related Articles