You are here

Singapore, UK to promote IoT industry best practices for smart consumer products

On Thursday, David Koh (left) and Ciaran Martin, the respective CEOs of Singapore’s Cyber Security Agency and the UK’s National Cyber Security Centre, signed a joint statement on the two countries' strategic partnership.

TO improve the security of smart consumer products, Singapore and the UK will share initiatives and approaches, and exchange valuable information and experience.

On Thursday, Ciaran Martin and David Koh, the respective chief executive officers of UK’s National Cyber Security Centre and Singapore’s Cyber Security Agency, signed a joint statement on the strategic partnership on the Internet of Things (IoT).

The IoT basically describes the concept of smart products – ranging from wearable devices and mirrors to toasters and washing machines – being connected to each other via the Internet. This allows the devices to communicate and share data with others within the network.

“We want to ensure that Internet-connected devices have security built in by design, and the public and industry are protected against related security threats, such as cyber-attacks, theft of personal data and risks to physical safety,” the joint statement noted.

Market voices on:

“At the same time, we must ensure that the IoT industry can continue to grow and innovate.”

Singapore and the UK will adopt a multilateral approach by working with international and regional partners, including industry and consumer groups, to promote the implementation of best practices as set out in the industry global standards.

Such best practices for manufacturers of consumer IoT devices include discontinuing the most blatant security shortcomings such as the use of universal default passwords, according to the statement.

Companies are also recommended to normalise vulnerability disclosure processes across the IoT industry so that researchers can report security vulnerabilities and manufacturers can respond accordingly.

Software security updates should also be developed and deployed, so that consumers and the wider technical ecosystem are protected throughout the lifetimes of IoT products. Manufacturers should define a support period for the fixing of vulnerabilities, the joint statement noted.

Singapore and the UK will increase their bilateral cooperation in the development of IoT assurance schemes and other efforts to give consumers confidence in the security of their products, as they each also develop their national approaches.

In April last year, under the Commonwealth Cyber Declaration, Singapore along with 52 nations had agreed to work towards the development and convergence of approaches for internet-connected devices and associated services.