The UK, Canada and Singapore are joining forces to improve the security of IoT devices.
In a joint statement, the governments of the respective countries noted the economic and social benefits of IoT devices. However, they also warned of the risks of unsecured IoT devices not only to consumer security, privacy and safety, but also to the economy at large through large-scale cyberattacks.
Many record-breaking cyberattacks have taken advantage of the often poor security practices of IoT device manufacturers. As malicious nations increasingly turn to cyberattacks to cause harm to their rivals – using plausible deniability to avoid repercussions – improving cybersecurity measures is more imperative than ever.
Here is the full statement:
“The continued growth of network-connectable products (also known as the Internet of Things or ‘IoT’) is delivering great benefits to citizens and a revolution in connectivity. However, many of these products currently lack even basic cybersecurity provisions. The result is that consumer security, privacy and safety are at risk, with the wider economy vulnerable to large-scale cyberattacks that can be launched through insecure IoT.
The Governments of Canada, Singapore and the United Kingdom are united in our belief that connected products offer enormous economic and social benefits, and that appropriate cybersecurity requirements must be built into these products from the design phase, rather to impose this burden on consumers. Our approach supports growth and innovation, and enables citizens to benefit from the remarkable opportunities offered by this connected revolution.
Protecting consumers around the world requires coordinated efforts from like-minded governments, universities and civil society. Our three governments are working together to promote and support the development of international standards and industry guidance, to foster innovation, and to encourage approaches that integrate internationally recognized security requirements and avoid fragmentation. . Through this global alignment, we can reduce the duplication of similar tests and assessments and the challenge for industry of having to apply to multiple programs underpinned by the same or very similar requirements.
We endorse emerging baseline safety requirements for these products and encourage international recognition and alignment with them. We are united in our belief that international standards can facilitate strong security practices and we encourage the adoption of international standards to mitigate these cyber risks. We commit to continue to work closely together, and we will continue to promote global alignment on best practices and encourage recognition of aligned programs to reduce unnecessary barriers to trade and industry.
On the day of the launch of its unprovoked invasion of Ukraine, Russia launched a cyberattack against satellite operator Viasat to disrupt Ukrainian communications. Fallout from the attack impacted wind turbines in Germany.
In April, members of the Five Eyes intelligence alliance – which includes the UK and Canada – issued a joint cybersecurity advisory warning of increased attacks on critical infrastructure from Russia. These attacks could target countries that have backed Ukraine, especially those that have lawfully supplied conventional weapons to help the country defend against an invading force.
The UK and Canada are members of NATO’s Cooperative Cyber Defense Center of Excellence (CCDCOE), which is open to like-minded countries that are not part of the broader military alliance. Amid growing global cybersecurity threats, CCDCOE membership is growing rapidly.
This week, Japan announced that it had joined the CCDCOE. In May, the center added South Korea, Canada and Luxembourg to its membership. In March, the CCDCOE voted to accept Ukraine into its fold as a contributor.
Cybersecurity alliances – including the CCDCOE and the IoT security partnership announced this week between the UK, Canada and Singapore – will be crucial in tackling growing cyber threats now and in the future.
(Photo by Nathan Dumlao on Unsplash)
Related: US warns Russian cyberattack could trigger NATO response
Want to learn more about IoT from industry leaders? Discover IoT Tech Expo taking place in Amsterdam, California and London. The event is co-located with the Cyber Security & Cloud Expo.
Check out other upcoming TechForge enterprise technology events and webinars here.