Share this article on:
Standards Australia calls for cyber security labelling scheme, which is similar to health labels on packaged food, and could help improve the quality of Australian internet of things (IoT) and smart devices.
In its Iconic Nation report released this week, the national body for developing standards identified cyber security standards as a key priority over the next decade, recognising the growing number of incidents reported to the Australian Cyber Security Centre (ACSC) each year.
In a statement, Adrian O’Connell, Standards Australia CEO said over the next 10 years, up to 4,000 new national standards will be needed to accelerate the transformation from an analogue to digital economy, strengthen our systems from cyber attacks, mitigate the impact of natural disasters such as floods, cyclones, droughts and plagues and hasten the expected transition from traditional energy sources to alternative ones such as hydrogen.
A smart devices cyber security labelling scheme, being developed alongside the Internet of Things Alliance Australia (IoTAA), is part of that new set of standards.
The scheme is aimed at “incentivising manufacturers to address security vulnerability levels”, according to the Standards Australia report, and it is designed to help promote security of consumer devices.
According to the report, “this will be an Australian first and position Australia as a world leader in enhancing security within the IoT”.
Such a labelling scheme is something the government’s Behavioural Economics Team (BETA) has also explored, releasing its report into cyber security labels in March.
The research looked into how Australian consumers might react to seeing three different types of security labels on smart devices – two with guarantees that the device would receive updates until a certain date, and one with simple ratings like “enhanced” or “hardened”.
Study participants – of which there were 6,000 – then completed shopping scenarios where they compared different examples of smart products (TV, watch, home hub, light bulb) and answered questions about how the different labels affected their decision-making.
The most effective label had the simple shield rating.
But importantly, the research showed ratings did have an effect on how consumers might purchase devices.
The study found people preferred to choose high-rating devices and were even willing to pay a bit more for a device with a rating on it than one without.
“These results suggest cyber security labels are likely to achieve their aim of helping Australian consumers make more informed decisions about cyber security when purchasing smart devices,” the researchers said.
[Related: What can the Australian health sector learn from 2021’s threat landscape?]