Draft standard for vote - EN Cyber Security Internet of Things: Baseline Requirements
12 May 2020
In October 2018 the UK government published a guidance document, the UK Code of Practice for Consumer IoT Security to set out practical steps for IoT manufacturers and other industry stakeholders to improve the security of consumer IoT products and associated services. Implementing its thirteen guidelines will contribute to protecting consumers’ privacy and safety, whilst making it easier for them to use their products securely. The guidelines bring together what is widely considered good practice in IoT security. They are outcome-focused, rather than prescriptive, giving organisations the flexibility to innovate and implement security solutions appropriate for their products. The guidance document approach was subsequently adopted into an ETSI Technical Specification ETSI TS 103 645 V1.1.1 Cyber Security for Consumer Internet of Things (2019-02).
This work has now been moved forward to a standard, EN 303645 V2.1.0 Cyber Security for Consumer Internet of Things: Baseline Requirement. This standard has been issued as a Final Draft for voting and BSI have circulate the document under reference TCT/301_20_0023 for voting and comments. Comments and voting intention needs to be submitted to Ofcom by 20 May 2020. The Final Draft of the EN retains the structure of the guidance referred to above to which many UK stakeholders contributed. The Final Draft can be seen on the ETSI website here.
BEAMA supports the publication of this standards and will be advocating a positive vote.
We are inviting members to comment on this draft standard. Log in to download the draft standard