Just days after the first ever bill on IoT security was submitted in the U.S. House of Senate for approval, United Kingdom becomes the second country in the league to create, and impose, security regulations for IoT connected cars in the country. This move by the UK government has not come being inspired by the US legislation on IoT, but due to a few attacks by the hackers on connected cars in the UK recently. One of the cars being targeted in the recent series of attacks on connected cars in the UK was a Tesla, an electric car made by the Tesla Inc., a company whose co-founder is the famous digital innovator Elon Musk.
The UK government’s overall security guidelines revolve around 8 fundamental principles for everyone to care about who operates a “smart” car. For a quick overview, here are those 8 principles the UK government has stressed for the security of connected autonomous cars in the country:
- Organizational security is owned, governed and promoted at board level.
- Security risks are assessed and managed appropriately and proportionately, including those specific to the supply chain.
- Organizations need product aftercare and incident response to ensure systems are secure over their lifetime.
- All organizations, including sub-contractors, suppliers and potential 3rd parties, work together to enhance the security of the system.
- Systems are designed using a defense-in-depth approach.
- The security of all software is managed throughout its lifetime.
- The storage and transmission of data is secure and can be controlled.
- The system is designed to be resilient to attacks and respond appropriately when its defences or sensors fail.
Source: Principles of Cyber Security for Connected and Automated Vehicles by Government of the U.K.
These regulations do seem impressive, though! But there is something much more impressive than these regulations: Why IoT solution developers still lack in crafting as effective security protocols as the innovative IoT solutions they make? Mr. Clovis Lacerda of Parlacom Brazil, perhaps, has the right answer to this: “The core reason why IoT developers fail to cope with the security challenges faced by the IoT industry is their least preference to secure the IoT products, but more on developing quantities, which as we all know, always leads to lack of quality.”
We believe most of us who belongs to the IoT industry, in some way or another, must be in harmony with the words of Mr Lacerda. The expert advisors on IT and other technologies in the UK government might, perhaps, have the same reason; including the series of recent attacks, to recommend the Department of Transport U.K. that the time to regulate autonomous IoT-connected cars has come. Well, we hope that UK’s automated vehicles will become safer after these regulations being imposed, and with this, we are also sure of ushering into a new era in which IoT technology has started to take its official standards and legislatures for everyone to follow. This thing convincingly assures us that IoT is definitely here to stay, and stay it will for long!