Is the New PSTI Act Enough to Protect Smart Devices?

April 29, 2024
1 min read

TLDR:

  • The New PSTI Act seeks to make connected digital devices more secure by implementing minimum security requirements for manufacturers
  • The Act will come into effect in the UK on Monday 29 April 2024

Internet of Things (IoT) devices have seen a significant increase in popularity, but have also become vulnerable to cyberattacks. In response to this, the Product Security and Telecommunications Infrastructure Act (PSTI Act) was introduced to enhance the security of smart devices. The Act aims to improve consumer protection by implementing measures such as banning default passwords, reporting security vulnerabilities, and ensuring manufacturers disclose how long they will support each product.

Although the Act has been welcomed by experts in the cybersecurity field, some believe that it may not go far enough to protect consumers. There are concerns about the loopholes in the legislation, the impact on businesses, and the potential oversight of consumer complacency. Ensuring robust API authentication and authorization, addressing human behavior, and empowering consumers to take control of their data are key aspects that some believe should have been further emphasized in the Act.

Overall, the introduction of the PSTI Act represents a positive step towards enhancing the security of connected devices. However, experts suggest that continuous innovation, comprehensive privacy measures, and global collaboration are essential to safeguarding digital communications in the evolving IoT ecosystem.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and