Government rolls out new cybersecurity laws for smart devices
The government has unveiled new laws this week to help protect millions of internet-connected household devices from the threat of cyber attacks.
The measures mean all consumer smart devices sold in the UK will have to adhere to three security requirements.
Under the new legislation, all internet-connected device passwords must be unique, with users unable to reset them to any universal factory setting.
In addition, manufacturers will be obliged to provide a public point of contact for reporting security flaws and must explicitly state the minimum length of time for which they will provide security updates.
The plans, drawn up by the Department for Digital, Culture, Media and Sport, comes amid a rise in the number of connected devices, which together are known as the Internet of Things (IoT).
Research suggests there will be 75bn internet-connected devices — such as TVs, camera and home assistants — in homes around the world by the end of 2025.
“Our new law will hold firms manufacturing and selling internet-connected devices to account and stop hackers threatening people’s privacy and safety,” said digital minister Matt Warman.
“It will mean robust security standards are built in from the design stage and not bolted on as an afterthought.”
Following consultation with the National Cyber Security Centre and the business industry, the government said it aims to develop further legislation to protect consumers without harming the long-term growth of the IoT.
“Consumer IoT devices can deliver real benefits to individuals and society but Tech UK’s research shows that concerns over poor security practices act as a significant barrier to their take-up,” said Matthew Evans, director of markets at industry body Tech UK.
“We are therefore supportive of the government’s commitment to legislate for cyber security to be built into consumer IoT products from the design stage.”
- Contract SailPoint Programme Manager - UK 12 month+ project
- United Kingdom
Programme manager with SailPoint IdentityIQ IAM experience is needed for a 12 month rolling contract. To engage and manage a enterprise client programme of work focused around SailPoint. This is a hybrid role, some limited travel to London / Reading maybe required. You must have enterprise level programme management, a focused and recent history within Identity and Sailpoint project experience. Exclusive project, interview immediately.
- Outside IR 35 contract- Threat & vulnerability analyst - SC CLEARED UK REMOTE
6 month rolling contract Outside IR35- immediate start. Threat and Vulnerability Analyst. Tenable.sc experience needed. The ability to deploy agent, configure environments, run active and passive scans, produce reports and prioritise remediation activities based on output Current and ACTIVE clearance is required
- Chief Information Security Officer- CISO. London
Chief Information Security Officer (CISO) is needed to join a senior leadership team that is driving change across a London based FTSE business. You will have responsibility and accountability to define and execute an information & Cyber Security strategy. To be successful you should have the following experience; Experience defining, presenting and executing against your information AND cyber security strategy. Experience delivering / managing functions across information security GRC / Audit and technical Cyber Security capabilities. Senior stakeholder management to the executive committee. Embedding Info / cyber security within a Cloud focused environment. Further develop, expand and mature the information / cyber security function | team. Be able to regularly commute to London Financial services experience is desirable. If this sounds like an opportunity you are interested in then please use the below form to schedule a call. This is an exclusive project to DCL Search. All conversations are kept in confidence.
- IAM Business Analyst- ForgeRock
- European Union
- £500 per day
IAM Business Analyst with ForgeRock experience is need for a 12 months contract The client is in the middle of a large scale ForgeRock deployment and the BA will sit between the technical teams and the business helping to ensure the project is a success You will need to be a strong business communicator and have experience of mapping business needs against ForgeRock features This will be a remote project dealing with teams in different geographies, you must have strong English communications skills and be happy working remotely and able to be proactive to ensure your side of the project is a success