WMG News
WMG cyber security team help shape the future of IoT security
WMG’s cyber security research team, led by Professor Carsten Maple and Associate Professor Dr Gregory Epiphaniou, have been advising the Department for Digital, Culture, Media and Sport (DCMS) on new regulations designed to make ‘smart’ products – like televisions, cameras and household appliances that connect to the Internet – more secure for consumers to use.
The consumer sector is highlighted as being of immediate concern due to users’ security knowledge gaps, overwhelming evidence provided by researchers and media headlines highlighting industry poor practices.
The DCMS’s new regulation will include three major requirements:
- 1. Customers must be informed at the point of sale the duration of time for which a smart device will receive security software updates
- 2. A ban on manufacturers using universal default passwords, such as ‘password’ or ‘admin’, that are often pre-set in a device’s factory settings and are easily guessable
3. Manufacturers will be required to provide a public point of contact to make it simpler for anyone to report a vulnerability.
Carsten Maple, Professor of Cyber Systems Engineering explains: “As a member of the IoT Security Foundation (IoTSF) Executive Strategy Board, I welcome the announcement as a significant step towards ‘making it safe to connect’ to the Internet of Things. WMG are proud and active members of the IoTSF, and we have long championed the need for fit-for-purpose security across all market segments.”
Digital Infrastructure Minister Matt Warman said: “From the offset, we have been proud to offer industry a major role in the development of the government’s approach to boosting the security of smart devices. With IoTSF ‘s support, I am confident that both the wider industry and consumers will continue to welcome our proposals that will help the UK build back safer. I look forward to our further collaboration on this important issue.”
Read more about the regulation here:
https://www.iotsecurityfoundation.org/uk-government-update-on-plans-for-consumer-iot-security-regulation/