ETSI releases cybersecurity standard for IoT consumer devices

The ETSI (European Telecommunications Standards Institute) Technical Committee on Cybersecurity (TC CYBER) released a cybersecurity standard for Internet of things (IoT) products. The aim of the standard is to establish a security baseline for IoT consumer devices and to provide a basis for future IoT systems. Implementing this standard will require manufacturers to cease using universal default passwords and to implement a vulnerability disclosure policy that will enable to report about security issues. The initial draft of the standard was based on the ‘Code of Practice for Security in Consumer IoT Products and Associated Services’ which was published by the UK Government department for Digital, Culture, Media and Sport in March 2018.