Singapore has launched a scheme to label smart devices with their cybersecurity ratings. Launched by the Cyber Security Agency (CSA) of Singapore, the Cybersecurity Labelling Scheme is currently a voluntary scheme that is available for Wi-Fi routers and smart home hubs to start with. Depending on the response, the CSA will make it mandatory for all internet of things (IoT) devices. The Straits Times first reported about it. The CSA will waive the application fees for the labels for one year (until October 6, 2021) to encourage adoption. Ratings standards Level 1: Basic security requirements such as ensuring unique default passwords and providing software updates Level 2: Level 1 + developed using security-by-design principles such as conducting threat risk assessment, critical design review and acceptance tests Level 3: Level 2 + assessment of software binaries by approved third-party test labs Level 4: Level 3 + structured penetration testing by approved third-party test labs *Applications for Levels 1 and 2 will be processed in 5 working days while applications for Levels 3 and 4 will be processed in 3 weeks. *While application fee has been waived off until October 6, 2021, for Levels 3 and 4, testing fees charged by the third-party labs will still be applicable. [caption id="attachment_223001" align="aligncenter" width="850"] What the labels would look like. Source: Singapore Cyber Security Agency[/caption] These labels will be valid as long as manufacturers support the product with security updates, up to a maximum period of three years. CSA will host a list of…
