Government code to boost security of consumer IoT

By Stuart Corner of IoT Australia

The Australian Government has followed the UK’s lead, producing a voluntary code of practice for suppliers of consumer IoT devices.

Home Affairs minister, Peter Dutton said the code of practice, had been developed drawing on the technical expertise of the Australian Cyber Security Centre (ACSC), aligned with guidance provided by the United Kingdom and was consistent with other international standards.

Its release follows the Government and its ‘Five Eyes’ partners signing a statement of intent on IoT security in London in July 2019.

Dutton said the government would work with states and territories to ensure an aligned and harmonious approach, and would explore further initiatives for lifting the security of IoT through the 2020 Cyber Security Strategy.

This will replace the 2016 Cyber Security Strategy, a four year plan backed by a $230m investment. The government issued a discussion paper submissions on which closed on 1 November. However it made only passing reference to IoT.

The UK Government released its first version in October 2018 but is now considering introducing legislation. The Australian guide, which is a for-comment draft until 1 March 2020, closely follows the UK version, and ETSI TS 103 645 – Cyber Security for Consumer Internet of Things

The Australian Government has not signalled any intent to follow the UK’s lead, except to say, “Further initiatives for lifting the security of the Internet of Things will be explored through the 2020 Cyber Security Strategy.”

The UK Government is also co-operating to secure consumer IoT with one of Australia’s neighbours, Singapore.

Stuart Corner is editor of IoT Australia

Subscribe to our free @AuManufacturing newsletter here.