Connected devices MUST comply from April 29th

On April 29^th 2024, the UK will make history as the first country in the world to introduce ground-breaking protections for consumers using connectable devices, from smart phones and games consoles to smart doorbells, connected appliances and home systems.  

The regulatory regime, introduced through the Product Security and Telecommunications Infrastructure Act (PSTI) 2022 and the PSTI Regulations 2023, will position the UK as the global pioneer in enforcing new minimum cyber security standards, signalling a substantial leap forward in consumer protection.

The Act and Regulations introduce a raft of new, common-sense protections like eliminating universal and easily guessable default passwords, providing a way to report issues to the manufacturers and ensuring manufacturers are transparent about how long a product will receive security updates.  Manufacturers, retailers and importers of smart devices must now ensure they comply with the law and all products must carry a ‘Statement of Compliance’ at all stages of the supply chain.

Unsure if your company or your products are in scope? Need help from the experts to guarantee your compliance and continued access to the UK market? Want to avoid a £10m penalty (or 4% of global turnover whichever is greater) if you aren’t compliant after April 29^th? Get in touch today and we can help immediately with a free call with one of our dedicated experts.

Compliance deadline announced

Following the introduction of the Product Security and Telecommunications Bill last December, the UK Government has now set a date for when new cyber security regulations will apply to connectable products.

Businesses involved in the supply chains of connectable will need to be compliant with the new regime from the 29th April 2024. Failure to comply with the requirements could result in products not being able to access the UK market and/or fines impacting global turnover.

This is in addition to EU market access requirements which are coming in from the 1st of August 2024 via the Radio Equipment Directive (RED).

SafeShark’s testing and certification service backed by the British Standards Institute (BSI) provides a complete one-stop route to compliance for both the UK and EU markets.

SafeShark has been working with NCSC and UK Government since the outset of the Secure By Design initiative and is also active in standards bodies writing the requirements that underpins the legislation – ETSI EN 303 645.

We are trusted by major brands such as LG who have certified their TV platforms via SafeShark. To find out more and start your compliance get in touch today.

Full details on the UK requirements can be read here.

57% of all connected devices vulnerable to medium-high severity attacks

Members of the UK House of Commons Digital, Culture, Media and Sport Committee are to investigate the dangers posed by hostile and criminal actors to connected technology, a branch which ranges from virtual assistants, smart appliances and wearable devices to smart homes and cities. Despite being used in homes, cities, businesses, and hospitals, research has found that 57 per cent of all connected devices were vulnerable to medium- or high-severity attacks.

SafeShark selected for DCMS accelerator programme

Some great news to kick off the week... we're delighted to be able to announce that SafeShark has won a coveted place on the Department for Digital, Culture, Media and Sport (DCMS) funded Cyber Runway accelerator programme! ✨🎈🎉

We are beyond thrilled to be joining such an amazing 'Grow' cohort and we can't wait to get started!

Find out more about the scheme here. And don't forget to follow us on Linkedin and Twitter to see more about what we are doing and how we can help your business.

SafeShark selected as finalist in DCMS ‘Most Innovative Cyber SME 2022’ competition

SafeShark has been selected as one of the UK’s 14 most creative and original information security businesses in the UK.

SafeShark, a Joint Venture between DTG Testing and Connect Devices, backed by BSI to provide the leading independent certification for new IoT cybersecurity standards, has been shortlisted in the UK’s Most Innovative Cyber SME 2022 contest, run by the Department for Digital, Culture, Media & Sport (DCMS) in partnership with Infosecurity Europe.

As a finalist, SafeShark will have a stand (M96) in the DCMS Cyber Innovation Zone at InfoSecurity Europe 2022 (21-23 June at ExCeL London) where we’ll be demo-ing the SafeShark objective and continuous testing to meet the new upcoming legislative requirements, backed by BSI certification to turn compliance into competitive edge.

A full list of 2022 finalists can be found here.

This is the seventh year the competition has been run, and is open to micro, small and medium cybersecurity businesses registered in the UK. The overall winner will be announced live on the Innovation Showcase stage at the show. Visitor registration is open here.

Commenting on the news, SafeShark Director and DTG CEO Richard Lindsay-Davies said: “We are delighted that SafeShark has been recognised as one of the most important innovations in the cyber security space. The legislation that is now before Parliament is designed to add a layer of protection for consumers in their own homes. This award underlines that SafeShark goes beyond those mandated requirements to demonstrate to retailers and their consumers that device manufacturers have really gone the extra mile to keep their customers safe.”

Record levels of investment into UK’s cyber security sector

New government data shows that 1,800 UK-registered cyber security firms have generated a total of £10.1bn in revenue in the most recent financial year, a massive 14% increase from the previous financial year. The DCMS Annual Cyber Sector Report, which tracks the growth and performance of the UK cyber security sector, reveals the industry contributed around £5.3bn to the UK economy in 2021, rising from the previous year’s figure of £4bn.

More than £1bn of external investment for these UK cyber security firms was secured across 84 deals. Employment across the industry also grew by 13%, with more than 6,000 new jobs added to the UK’s 50,000-strong cyber workforce.

“Cyber security firms are major contributors to the UK’s incredible tech success story. Hundreds of British firms from Edinburgh to Bristol are developing and selling cutting-edge cyber tools around the world that make it safer for people to live and work online. We are investing in skills training and business initiatives to help the UK go from strength to strength as a global cyber power and open up the sector to people from all walks of life.”
Nadine Dorries, Digital Secretary

Read the full release here

New laws proposed by DCMS to strengthen UK resilience to cyber attacks

DCMS has launched two consultations seeking the public’s views on new proposals stated to improve the UK’s resilience to cyber attacks.

The following statement was released by the Minister for Media, Data and Digital Infrastructure:

"It is vital that cyber security is a fundamental part of our country’s digital transformation journey."
Julia Lopez
Minister for Media, Data and Digital Infrastructure

DCMS have presented three pillars, each one representing a challenge the country faces with cyber security. These are:

Proposals to amend provisions relating to digital service providers
Proposals to future-proof the UK NIS regulations
Empowering the cyber security profession

These pillars with be addressed through two separate consultations. The first looks at the first two challenges and aims to create a comprehensive framework for managed services and upgrading security legislation so the country can more easily manage future risks. The second focuses on embedding the standards and pathways across the cyber profession by 2025. These consultations close at 11:45pm on Sunday 10 April 2022, and 11:45pm on Sunday 20 March 2022, respectively.

The full press release can be read here.