wordpress blog stats
Connect with us

Hi, what are you looking for?

Singapore will label IoT products with cybersecurity ratings

Singapore has launched a scheme to label smart devices with their cybersecurity ratings. Launched by the Cyber Security Agency (CSA) of Singapore, the Cybersecurity Labelling Scheme is currently a voluntary scheme that is available for Wi-Fi routers and smart home hubs to start with. Depending on the response, the CSA will make it mandatory for all internet of things (IoT) devices. The Straits Times first reported about it.

The CSA will waive the application fees for the labels for one year (until October 6, 2021) to encourage adoption.

Ratings standards

  • Level 1: Basic security requirements such as ensuring unique default passwords and providing software updates
  • Level 2: Level 1 + developed using security-by-design principles such as conducting threat risk assessment, critical design review and acceptance tests
  • Level 3: Level 2 + assessment of software binaries by approved third-party test labs
  • Level 4: Level 3 + structured penetration testing by approved third-party test labs

*Applications for Levels 1 and 2 will be processed in 5 working days while applications for Levels 3 and 4 will be processed in 3 weeks.
*While application fee has been waived off until October 6, 2021, for Levels 3 and 4, testing fees charged by the third-party labs will still be applicable.

Singapore cybersecurity IOT labels

What the labels would look like. Source: Singapore Cyber Security Agency

These labels will be valid as long as manufacturers support the product with security updates, up to a maximum period of three years. CSA will host a list of approved applications. In case a product ceases to meet the label requirement, CSA “will request” the manufacture to either rectify the situation or get the label removed or reviewed.

The scheme was launched by the Singaporean Communications Minister S. Iswaran on October 7 at the fifth ASEAN Ministerial Conference on Cybersecurity, who called it the first of its kind in Asia-Pacific. The labelling scheme draws reference from a similar European standard which is recognised by Australia and the US as well.

Singapore cybersecurity labels levels

How the labels work. Source: Singapore Cyber Security Agency

The scheme is supposed to help consumers “make informed purchasing choices”. “This takes on added significance when we consider the potential of 5G and the proliferation of IoT devices,” Iswaran said. Singapore’s aim is to take this standard across ASEAN nations and other international partners.

At the meeting, Iswaran also announced that the CSA will establish an Operational Technology Cybersecurity Expert Panel (OTCEP) that would advise the government and stakeholders on how to improve cyber resilience of operational technology (OT) systems.

He also stressed on the importance of safeguarding critical information infrastructures (CII) and building “regional cyber resilience” of CII, such as common cloud and banking systems, that have cross-border impact.

You May Also Like


Due process was not followed by Kerala’s IT Department in finalising the contract with US-based data analytics platform Sprinklr, a report by an enquiry...


Senior journalist and news anchor Nidhi Razdan was all set to start teaching at Harvard University this year. But it turns out she appears...


As businesses and individuals moved online, cyber criminals and fraudsters were able to hone in their skills and target a wider range of people...


The Singapore government has confirmed that data from its coronavirus contact tracing app TraceTogether can be used by law enforcement for criminal investigations. Speaking...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ