Eseye brings decades of end-to-end expertise to integrate and optimise IoT connectivity delivering near 100% uptime. From idea to implementation and beyond, we deliver lasting value from IoT. Nobody does IoT better.
Eseye, a leader in integrated cellular IoT connectivity solutions and an accredited IASME partner, today highlighted the implications of the recent Product Security and Telecommunications Infrastructure (PSTI) Act and Regulations, which came into force on the 29th April 2024.
Eseye is the first IoT connectivity provider to be accredited as a certifying body on IASME’s IoT Cyber Assurance scheme. The company urgently highlights that the Act will impose significant compliance costs and potential market disruptions for tech manufacturers, requiring their immediate action. Yet despite the initial challenges, it is important to note that these new regulations will substantially enhance IoT security and device connectivity, driving long-term benefits for businesses.
The PSTI Act mandates stringent security measures to protect consumer-connectable devices, aiming to bolster the UK’s defences against sophisticated cyber-attacks and enhance individual privacy. While this legislation may mean adapting development processes to embed enhanced security features from the outset, this dramatic shift will significantly delay product launches and escalate costs for businesses. However, it does present an opportunity for tech manufacturers to enhance their products’ security and gain a competitive edge in the market.
Implications of the PSTI Act for Consumer Tech Manufacturers and End Users
The Product Security and Infrastructure Communications Act now covers a wide array of internet-connected “smart” devices used in everyday life, including consumer electronics such as TVs, home security systems, and smart home appliances.
- The PSTI Act: A Positive Shift for Tech Manufacturers
This legislation not only compels all tech manufacturers to adhere to strict security protocols but this will bring significant benefits to both providers and end users. Not only will the shift enhance the safety of device data, but will safeguard user privacy, including the eradication of generic default passwords often provided with a new device. Each device must have a unique password or that requires users to set a new, secure one during setup, ensuring a higher level of end user security.
At the same time, manufacturers must implement secure methods for software updates and be transparent in their communication regarding length of time for which security support is provided for each device. This includes specifying an accurate timeline for such updates. This commitment will not only strengthen the security of all devices but also build greater consumer trust in IoT technologies, providing reliable protection against cybersecurity threats, meaning that users can confidently use their devices without fear of data breaches or privacy invasions. - Adapting to the PSTI Act A Dual Challenge and Opportunity for Manufacturers
The Act will require realignments of development processes to incorporate these new security features, which will impact product design and market release timing. Customers can expect better communications from manufacturers about how to report product security issues. While these changes pose significant time and cost challenges to providers, they ultimately lead to more secure and reliable consumer technology products, which is a boon for manufacturers and end users.
Eseye’s Role in Supporting Compliance
As an IASME accredited partner, Eseye is at the forefront, providing a reassuring hand to manufacturers in navigating these changes:
- Secure Boot Processes and Vulnerability Management: Eseye offers testing and consultancy to ensure devices comply with the European Telecommunications Standards Institute (ETSI) standards.
- Complex Password Requirements Implementation: Eseye aids businesses in setting up robust password protocols to enhance device security immediately.
“Eseye has consistently prioritised security in our IoT solutions, and the PSTI Act’s emphasis on ‘Security by Design’ aligns seamlessly with our ethos,” stated Nick Earle, CEO of Eseye. “We are committed to aiding our customers through this transition, ensuring they meet the new rigorous standards effectively.”
IASME is a cyber security certification company that works with a network of more than 900 cyber security experts to help organisations of all sizes to improve and demonstrate their cyber security.
The IASME IoT Cyber Scheme provides manufacturers with support to improve the security of their connected devices and then certify their achievement. Certification demonstrates compliance with UK legislation and a commitment to best practice security.
“Eseye’s commitment to these standards not only demonstrates our leadership in IoT security but also reinforces our dedication to supporting our customers’ needs in this evolving digital landscape. Eseye is a trusted IASME partner, so our cybersecurity professionals can ensure your device is PSTI compliant and meets the ETSI standard. Coupled with our ISO 27001 compliance accreditation, we have a strong commitment to adhering to these robust cybersecurity standards,” added Eseye’s Technical and PSTI Lead Consultant, Kamran Jehangir.
Supporting Businesses Through Transition
Eseye’s deep IoT security expertise uniquely positions the company to help businesses adapt to the PSTI Act’s requirements. By offering comprehensive and unwavering support from product conception through deployment, Eseye ensures its partners effectively achieve and demonstrate compliance.