The UK’s Product Security and Telecommunications Infrastructure (PSTI) Act introduces crucial regulations to enhance the security of connected devices. Key points of the Act include:
- Ban on weak default passwords: Devices with simple, easily accessible passwords like “12345” are no longer permissible.
- Mandatory contact point for security issues: Manufacturers must provide channels to report vulnerabilities.
- Clear updates policy: Vendors must clarify the duration for which devices will receive security updates.
This legislation is a first step, but experts like Professor Alan Woodward stress the need for broader security measures.