India mulls security certification for IoT devices

The government is considering extending its cybersecurity rules beyond internet-enabled CCTV cameras to a wider range of IoT devices, including smart meters, amid concerns over vulnerabilities in imported products, particularly from China.

Agencies
Government is considering extending its cybersecurity framework beyond CCTV cameras to a wider range of internet of things (IoT) devices, including smart meters, according to a Times of India report by Aabhas Sharma. The move comes amid concerns that many of these imported devices, mainly from China, remain vulnerable to cyber threats.

While no final decision has been taken, discussions at the official level are underway on measures that could require connected devices to meet stricter security and certification standards before they can be sold in India. The move, persons in the know told TOI, is aimed at reducing cyber vulnerabilities in internet-connected products and should not be seen as a proposal to ban any category of devices.

The deliberations follow government's decision to mandate security certification for internet-enabled CCTV cameras under the Standardisation Testing and Quality Certification (STQC) framework.


Since April 1, manufacturers whose products do not comply with the prescribed essential security requirements have been barred from selling connected CCTV cameras in India.

Officials said the same concerns increasingly apply across the wider IoT ecosystem, which spans smart meters, home automation products, connected appliances, industrial sensors, wearable devices, healthcare equipment and other internet-enabled products. As these devices grow across homes, factories, offices and critical infrastructure, they also create much larger attack points for hackers if security standards are weak or inconsistent.

People familiar with the discussions said governemnt is examining whether a common baseline security framework can ensure that connected devices entering the Indian market meet minimum cybersecurity requirements before deployment. The emphasis is expected to be on product testing, vulnerability assessment, software integrity and greater visibility into supply chains.
ADVERTISEMENT

The focus is on ensuring that connected products meet India's cybersecurity requirements irrespective of where they are made.

(With inputs from TOI)
Download
The Economic Times Business News App
for the Latest News in Business, Sensex, Stock Market Updates & More.
Download
The Economic Times News App
for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
READ MORE
ADVERTISEMENT

READ MORE:

LOGIN & CLAIM

50 TIMESPOINTS

More from our Partners

Loading next story
Business News › News › Economy › Policy › India mulls security certification for IoT devices
Text Size:AAA
Success
This article has been saved

*

+