Experts have discovered flaws in how the UK plans to secure IoT devices.

For the most part, today’s consumers are already familiar with the Internet of Things devices. Security experts have identified gaps in how the United Kingdom plans to secure IoT gadgets. Is the new UK government IoT cybersecurity bill suitable for its intended purpose? The Internet of Things (IoT) is a term used to describe connectable electronic devices, such as fitness trackers, home assistants, and cars.
Security experts find flaws with how the UK plans to secure these connected devices. The British Government has just unveiled draft legislation on how it will regulate this growing industry to protect consumers from cyber-attacks and other risks posed by faulty products or services. But security researchers have found problems with what they say is a lack of detail about who will be responsible for protecting consumers.

Why are IoT deceives a cybersecurity issue? 

Kaspersky’s research has shown that 1.5 billion IoT devices were breached during the first six months of 2021, a number almost double from 639 million for all of 2021. The reason? Security has long been an afterthought for manufacturers and consumers alike when it comes to these typically inexpensive products that continue to ship with guessable or default passwords and insecure third-party components. In response, the U.K. government introduced the Product Security and Telecommunications Infrastructure bill (PST) in Parliament this week which requires IoT manufacturers, importers, and distributors to meet certain cybersecurity standards in order to make people more aware of IoT security issues.

The PST introduces a requirement for all applicable suppliers–including those outside the UK supplying goods or services to UK customers–to adhere to minimum cybersecurity standards, including taking reasonable steps to prevent unauthorized access to devices, protecting user data, and reporting any incidents. The goal is to make these products more secure and hopefully reduce the number of breaches.

This is just one step in the right direction as we continue to grapple with the lack of IoT security. However, the problem will only get worse as more devices are released into the market. Manufacturers need to focus on making their products more secure. Consumers also need to take responsibility for knowing how these devices work and make sure they do what they’re meant to maintain the security of the device long term.

This is why the UK government has brought forward The Product Security and Telecommunications Infrastructure (PSTI) Bill.

What is the goal of this new IoT security legislation?

The bill establishes three minimum security standards in three key areas. The first is a prohibition on universal default passwords, such as “password” or “admin,” which are frequently set in a device’s factory settings and are easy to guess. Manufacturers will be required to provide a public contact point so that anybody may inform of a security flaw. Last but not least, the new law will require manufacturers to notify customers of security breaches under certain circumstances.
The three main areas are:
1 – A prohibition on universal default passwords
2 – The requirement for all applicable suppliers to ensure they have a public contact point so that anybody can inform them of a security flaw
3 – The requirement for manufacturers to notify customers of security breaches under certain circumstances

What are the benefits of this new IoT security legislation?

The goal of the PSTI bill is to make IoT devices more secure, with a focus on prevention, data protection, and incident reporting. By requiring suppliers to adhere to minimum cybersecurity standards, it will be easier for people to identify insecure devices and report any incidents. The bill also creates a dialogue between manufacturers and consumers, which is necessary to make progress on IoT security.

How can you make your own IoT device more secure?

For IoT devices to be more secure, we all need to get a better understanding of the ways security can be improved. IoT devices are everywhere in our lives, but many of them are insecure. The good news is that you can take proactive steps to improve your device security and help make the Internet a safer place. Here are 8 things you should do today to protect yourself from hackers:

  1. Don’t use default passwords for your devices
  2. Update the firmware on all of your IoT devices as soon as new updates become available
  3. Understand and implement how encryption works (hint: it’s not what you think)
  4. Be aware of the risks of smart speakers with voice assistants like Alexa or Siri at this time because they’re more vulnerable than other types of internet-connected speakers/devices
  5. Never share any personal information over unsecured wifi networks
  6. Only shop on sites that have an https:// connection and look for the green lock in your web browser
  7. Disable Bluetooth whenever you’re not using it, especially if you have a fitness tracker or other wearable device
  8. Be careful about what information you post to social media – hackers can use this to target you for a future cyberattack

Manufacturers of typically inexpensive devices have long ignored cybersecurity, shipping devices with guessable or default passwords and insecure third-party components. In a bid to ensure IoT devices remain secure, the British government passed legislation requiring IoT device manufacturers, importers, and distributors to enhance security of their products.


The internet of things (IoT) is one of the fastest growing technologies in existence today. This means there are more devices connected to networks with sensitive information than ever before, which creates a cybersecurity risk for both businesses and consumers alike. If you’re not yet familiar with this issue, now’s the time to educate yourself on how security can be improved by considering these IoT deceives as well as what they mean for your business or home network.

Similar Posts