Govt unveils code of practice to boost IoT security
The federal government has released a voluntary code of practice to improve the security of the Internet of Things (IoT) in Australia, including devices such as smart fridges, smart televisions, baby monitors and security cameras. Minister for Home Affairs Peter Dutton emphasised the importance of cybersecurity for Australia’s economic prosperity.
“Internet-connected devices are increasingly part of Australian homes and businesses and many of these devices have poor security features that expose owners to compromise. Manufacturers should be developing these devices with security built in by design,” Dutton said.
Scott McKinnel, Country Manager ANZ at Tenable, noted that most IoT devices found in Australian homes and businesses have not been designed with security in mind, making them vulnerable to compromise.
“While the security of one device may seem like a small issue, poorly secured devices can enable cybercriminals to move laterally into homes and businesses, accessing valuable information. As IoT becomes more widely adopted in the industrial space, IoT vulnerabilities can traverse into operational technology systems, risking the function of important machinery and infrastructure. So this isn’t just about securing one device, it’s about securing entire networks,” McKinnel said.
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has released quick and easy tips to help Australian consumers protect themselves against cyber threats when buying and using internet-connected devices. The ACSC has also produced guidance for manufacturers on how to implement the IoT code of practice.
“These measures are an important step in the right direction for the Australian economy, businesses and ultimately everyday consumers as we navigate an increasingly connected world,” McKinnel said.
When purchasing and setting up an IoT device, families and businesses should determine if the device is made and sold by a well-known and reputable company, if it is possible to change the password and if the manufacturer provides updates. Additionally, consumers should also consider what data the device will collect and who it will be shared with.
“Boosting the security and integrity of internet-connected devices is critical to ensuring that the benefits and conveniences they provide can be enjoyed without falling victim to cybercriminals,” said Minister for Defence Senator the Honourable Linda Reynolds CSC.
The code of practice is a key deliverable as part of the 2020 Cyber Security Strategy, developed in partnership with industry following nationwide consultation earlier this year. It outlines the cybersecurity features the government expects of internet-connected devices available in Australia. The code of practice also aligns and builds on guidance provided by the United Kingdom and is consistent with other international standards. The Australian Government will continue to explore further initiatives for improving the security of the Internet of Things.
Information Technology Professionals Association (ITPA) is a not-for-profit organisation focused on continual professional development for its 18,700 members. To learn more about becoming an ITPA member, and the range of training opportunities, mentoring programs, events and online forums available, go to www.itpa.org.au.
UiPath has revealed that the COVID-19 pandemic has increased demand for robotic process...
Adobe has issued the final patches for version 1 of the popular e-commerce platform Magento, but...
Government has made digital and telehealth available through bulkbilling but Australians may...