What Can We Learn From the United Kingdom’s New Security Laws?
- Devices must have unique passwords that cannot be reset to a universal factory setting
- Manufacturers must provide a public point of contact as part of a ‘vulnerability disclosure policy’
- Manufacturers must explicitly state the minimum length of time that a device will continue to receive security updates as part of an ‘end of life policy.’