A new Bill that could affect your business!
The Product Security and Telecommunications Infrastructure (PSTI) Bill is being introduced by the UK Government to enhance device security against cyber threats. Consequently, it will introduce new safety standards for device manufacturers and digital service providers.
Your business could be affected. Speak with a WEBPRO Adviser professional if you want to know more, or read on below.
What is the PSTI?
The Product Security and Telecommunications (PSTI) Bill is part of the UK Government’s commitment to improving cybersecurity in domestic products that are considered part of the Internet of Things (IoT). It builds on the government’s Code of Practice (2018), which set down 13 guidelines that manufacturers must abide by to improve cybersecurity.
However, the PSTI Bill will zone in on cybersecurity further and is divided into two parts. The first part is dedicated to the cybersecurity of products, whereas the second part focuses on telecommunications infrastructure.
Why is PSTI necessary?
The PSTI Bill is deemed necessary to protect consumers of technological devices, especially those that can connect to other devices via the internet. Scores of IoT products are being reported to have inadequate cybersecurity measures, leaving the consumer vulnerable to cyber-attacks. Lacking cybersecurity could result in personal data and files being extracted without the consumer realising, which could lead to other crimes such as fraud.
Many consumers believe that IoT devices must already be safe or they wouldn’t have been available for purchase. But before the PSTI measures are enforced, this isn’t actually the case.
Key proposals of the PSTI Bill
PSTI Bill regulations will apply to IoT products. It will be the duty of the manufacturers of these products, importers to the UK and distributors of the products - which may include digital service providers – to abide by the new rules.
Some of the key takeaways from the PSTI Bill are:
- Banning default universal passwords that are considered weak.
- Informing consumers on how long it will be before the product requires crucial software updates. Consumers must be informed unless the product comes with software upgrades.
- IoT product manufacturers to allow some third parties to analyse their products and report design flaws and security concerns. These third parties are likely to be specialising security researchers.
PSTI to fast-track 5G
Part Two of the PSTI Bill looks at ways for landowners to build better relationships with mobile network providers. By creating more fruitful relationships between these parties, it is hoped that the UK Government’s aims of wider 5G coverage will be met. Therefore, the PSTI Bill is being used to expedite negotiations between relevant parties, which could bring 5G connectivity to more regions of the UK in a quicker time.
This should be seen as a positive for IoT product manufacturers and digital service providers. Widespread 5G connectivity could improve their capabilities to create or offer better devices and digital services.
How should providers prepare?
The best way to prepare for the PSTI Bill is to stay updated on its development and how the final Bill may look after any further amendments. Both manufacturers and service providers in the digital sphere will need to keep their fingers on the pulse. It may be beneficial for manufacturers to prepare by aligning their products and processes with the 13 guidelines already published in the aforementioned Code of Practice (2018).
Recap: The UK Government is in the process of amending and introducing a final Product Security and Telecommunications Infrastructure (PSTI) Bill. This new Bill will build on previous efforts to tighten security among Internet of Things (IoT) products. It will also help extradite negotiations between landowners and mobile network providers to make 5G connectivity widely available across the UK. The content of the PSTI Bill will have consequences for manufacturers, importers and distributors, which may involve digital service providers.
P.S. Not keeping to the new rules can land your business a fine of up to £10 million or up to 4% of global revenue!