25th November 2024
Each year I look forward to reading the findings of this report and the commentary that augments it. It is a unique barometer of the progress that is being made in the global consumer IoT market, and in recent times can be compared to commercial products used in an enterprise setting.
In April this year, we finally saw the UK’s PSTI enactment after its progress was delayed due to the global pandemic. This report illustrates how we are seeing the effect, and intended outcomes of the UK regulation. It also shows those that are following in Europe and the US are consistent in pointing
the way forward, not just regarding product security, but also the processes that are expected of the supply chain to ensure security is monitored and maintained throughout life usage.
Aside from the headline trend figure – which is encouraging – several sections caught my eye in particular in this report. The first was the retailer section which shows how the UK legislation has driven a bigger improvement than European and US retailers. Whilst the sample set maybe low, it is a consistent gauge moving faster in the right direction. Even John Lewis – whose stocked goods faired very highly at 90% in 2023 improved their position with only Smyths (UK) and Target (US) raising an eyebrow.
The second trend to note is the comparison and gap in practice between the consumer and enterprise sectors. Whilst the consumer sector is firmly heading in the right direction, there is a stark contrast in market practice levels and continues to justify the need for consumer regulation.
The third section relates to the relative positions of individual product categories with notable laggards being Health and Fitness, Lighting and, somewhat paradoxically, Security. Those manufacturer report cards read “must do better”.
I conclude by observing the situation is improving but there is still a lot of room for improvement – in an increasingly digital world, without fit-for-purpose cybersecurity, we are all at risk.
Finally, I’d like to congratulate the Copper Horse team once again for diligently providing time-series documentary evidence that helps us understand the context and state of cybersecurity in connected (IoT) products on the market. I fully commend this report to the reader.