Security News > 2021 > December > IoT devices must “protect consumers from cyberharm”, says UK government
The UK legislature is currently interested in a law about what it calls PSTI, short for Product Security and Telecommunications Infrastructure.
It's a much more modest regulatory proposal, and unlike those proposals that aim to disrupt security and cryptography "Just in case we ever lock the keys in the car", its goal is to demand a modest increase in security and basic cyber-reliability in products such as mobile phones, fitness trackers, internet webcams, cloud doorbells, and temperature sensors for your pet fish.
You'll need a reliable way for security researchers who believe in responsible disclosure to contact you, and some visible commitment to closing off security holes that you already know about before the crooks figure them out.
You'll need to tell buyers in advance how long you are going to provide security fixes for the product they're buying today.
C]ybersecurity continues to be an afterthought for many manufacturers of connectable products, and consumers often expect that a product is secure.
In a 2020 report by the Internet of Things Security Foundation, only 1 in 5 manufacturers maintained systems for the disclosure of security vulnerabilities.