The Product Security and Telecommunications Infrastructure (PSTI) Bill is designed to better protect citizens, networks and infrastructure against threats from insecure consumer connected products, as well as to support the future rollout of 5G networks and gigabit-capable broadband.
The “groundbreaking plans”, officially announced in April 2021, are a response to the growing concerns of potentially vulnerable and unprotected consumer connected smart devices and IoT products now in the UK market.
The Product Security and Telecommunications Infrastructure Bill is currently at its second reading stage in the House of Commons of the UK legislative process.
Figures show that 49% of residents have purchased at least one smart device since the COVID-19 pandemic began, while 57% reported an increase in their household use of internet connected devices.
However, industry professionals and security experts have been warning for years about the potential vulnerabilities in poorly protected consumer products – often due to a lack of standards, regulation and password security – which could leave them open for easy cyber-attacks.
According to Kaspersky, research shows that there were 1.5 billion attacks against IoT products in the first six months of 2021 – a 100% increase on the same period in 2020.
Part 1 of the Bill is focused on making consumer IoT products more secure, following engagement with the National Cyber Security Centre, tech and retail industries, consumer groups and academics.
It proposes three key measures:
The requirements, to be set out in regulations, will:
The Department for Digital, Culture, Media & Sport (DCMS) believes that while IoT consumer products offer huge benefits, the adoption of cyber security measures and requirements in these products is poor. According to research, only one in five manufacturers embed basic security protocols in their products.
The legislation will apply to manufacturers, importers and distributors. Those affected will be given 12 months’ notice following Royal Assent of the Bill to comply and adjust their business practices before the legislative framework comes into full force.
Part two of the bill will focus on telecommunications infrastructure, such as supporting the quick and efficient rollout of 5G networks and optimising existing infrastructures.
Find out more about the Product Security and Telecommunication Infrastructure Bill.
Read IoT expert and member of the IoT Security Foundation, Sarb Sembhi’s thoughts on the bill, from last year: The impact of IoT security for consumer devices
Enjoy the latest fire and security news, updates and expert opinions sent straight to your inbox with IFSEC Insider's essential weekly newsletters. Subscribe today to make sure you're never left behind by the fast-evolving industry landscape.
Sign up now!
