It was introduced for several reasons. The first being that the Government published the Code of Practice for Consumer IoT Security back in 2018, which was developed by the Department for Digital, Culture, Media and Sport (DCMS) and sets a benchmark of best practice for manufacturers to follow when developing IoT products for the UK market. This was influenced by the ETSI EN 303 645 standard, as well as other IoT related standards.
The Government have introduced new legislation, the Product Security and Telecommunications Infrastructure (PSTI) Bill, which will:
- Ensure that consumer connectable products are more secure against cyber attacks, protecting individual privacy and security
- Require manufacturers, importers and distributors to comply with new security requirements relating to consumer connectable products
- Create an enforcement regime with civil and criminal sanctions aimed at preventing insecure products being made available on the UK market
Secondly, with the increase in available IoT products and a growing ecosystem of interconnected devices, cyber criminals are targeting and exploiting vulnerabilities of the products and within apps.
This, coupled with growing demand from industry and current members seeking to gain SBD accreditation for products, has led SBD to launch the ‘Secure Connected Device’ accreditation scheme to help manufacturers develop safe IoT products that consumers can use with confidence.
Our aim is simply to prevent crime, which includes criminal activity in the cyber world.
We want to help companies get their IoT products appropriately assessed and certified against all 13 provisions of the ETSI standard, a requirement that goes beyond the Government’s legislation, so that companies can not only demonstrate that they have achieved the appropriate certification, but importantly protects our member companies, their customers and the public.