EFS Consulting

Consultation on the new cybersecurity regulation in UK

The British government is preparing a new cybersecurity regulation for consumer smart products 

A public consultation on the planned regulation is currently being carried out by the British Department for Digital, Culture, Media and Sport (final date for comments is 17 September 2020) and a draft text is expected in early 2021. 

The regulation will affect Consumer Internet of Things (IoT) products defined as any network-connectable product and their associated services that are supplied or made available within the UK (which relates to the HS Code List of Chapter 84 and 85). 

Internet of Things (IoT) devices are becoming commonplace in millions of homes around the world and while forecasts vary, research suggests that there could be as many as 75 billion connected smart devices in homes around the world by the end of 2025. Many of the devices on the market still have basic flaws, such as universal default passwords, which leave the devices vulnerable to DDoS (Distributed Denial of Service) attacks.  The purpose of this new regulation is to fix these flaws and better protect the security and privacy of UK consumers. 

The feedback can be submitted on the dedicated website: Call for Views on proposals for regulating consumer smart product cyber security 

More about this Business Area
Compliance and Legal


Cyber security of consumer IoT devices in UK
EU Commission announces new EU cyber security requirements
New cybersecurity standards for RED Directive