SafeShark

🔒 Stay Ahead of the Game: Navigating New EU and UK IoT Cyber Security Standards! 🔒 As the landscape of IoT cyber security evolves, it's crucial for manufacturers to stay ahead of upcoming legislative changes in the EU. Compliance will be mandatory and delivered initially via changes to the Radio Equipment Directive (RED) and then by the new Cyber Resilience Act (more below). Here's what you need to know and do to ensure your products gain or retain market access. 1. Understand the New Standards: EU Market: From 1st August 2025, the Radio Equipment Directive (RED) requirements for cyber security will come into force. Compliance can be demonstrated using the new EN 18031 standard which builds on EN 303 645 with added requirements for logging, network monitoring, and traffic control mechanisms. 2. Prioritise Cyber Security Testing: Both EN 303 645 and EN 18031 involve more than 100 detailed tests. Make cyber security compliance an integral part of your product development cycle to ensure timely market entry. 3. Coordinate Internally: Both EN 303 645 and EN 18031 require pre-test information to be completed using documents called the Implementation eXtra Information for Testing (IXIT) (EN 303 645), and eInfo (EN 18031) and so coordination across teams is essential. This involves a comprehensive understanding of your product's cyber security features. 4. Access the Standards: EN 303 645 is freely available via ETSI. Ensure you're working with the latest version by accessing it through the ETSI Work Programme portal. EN 18031 is currently in draft form, with final versions expected to be available for purchase post-approval. 5. Plan for Future Compliance: The Cyber Resilience Act (CRA) aims to supersede the RED by 2027, adding requirements for both hardware and software. Stay informed and prepare for these changes now. 6. Leverage Expert Support: Companies like SafeShark offer specialist compliance testing and expert guidance to help manufacturers meet these evolving requirements and remain compliant. 7. Act Now! With the 2025 deadline approaching, begin your compliance journey today. Testing against EN 303 645 or EN 18031 and securing a Notified Body opinion is the current best path to ensure EU market access and acting swiftly will save a lot of time and money in the longer term. Download one of our comprehensive compliance guides or get in touch today. 👉 https://lnkd.in/e2S_f35k #IoT #CyberSecurity #EUCompliance #MarketAccess

We are not going to tell you why you should be working with us if you make, sell or distribute a connected product in the UK or EU… We’ll let our customers do that: “We are a distributor for products that were affected by this new standard and the manufacturer did not have approvals, so we decided to obtain it ourselves. Safeshark was introduced to us by one of our customers and after initial discussions I could tell they really knew their stuff. Safeshark was professional, easy to contact and knowledgeable. Their full service and excellent ongoing customer service is second to none.” Tracey Rawlinson, Managing Director, KEYSTONE ELECTRONICS LIMITED Get in touch today and we’ll keep your products on the market https://lnkd.in/eHBuKjeB #iot #producttesting #compliance

Join us at the KNX UK National Conference for a presentation by Alex Buchan, CEng., Director at SafeShark and Technical expert on the new PSTI regulation in the UK and the RED Compliance soon to be rolled out across the EU.  Alex will demystify complex regulations in simple terms and provide actionable solutions for your business. This is vital information for anyone designing, specifying, or installing connected devices! Discover: 🔐 Which products and businesses are affected  🔐 Specific responsibilities  🔐 Key compliance statements and conditions to meet Anyone designing, specifying, or installing connected devices is now responsible for consumer safety. This presentation will equip you with the knowledge to navigate the changing landscape of cybersecurity legislation. Learn more and secure your place at the KNX UK National Conference: https://lnkd.in/dgzdUyQE #KNXUK #KNX #cybersecurity #PSTI #REDcompliance

SafeShark played an active role in the new version of EN 303 645 which is now going through the ETSI approval processes. Working to make certain that cyber security requirements are pragmatic for manufacturers, we ensured an example was included to make it clearer that technologies used by TVs to pair with local devices, such as DLNA, are not considered as requiring authentication. Other notable changes to the spec include a new classification of test which makes certain tests only applicable if IoT devices contain specific features. This impacts part of the tests required for PSTI - 5.1-1 - No universal default passwords which is now mandatory and feature-dependent. Additionally there are some new tests included, extra examples and guidance added (including a definition of the term '#BestPractice'), and strengthening of requirements for users to be able to delete their data. If you're placing products on the UK and/or EU market, SafeShark can provide advice, guidance and testing to ensure your IoT products are compliant. Don't hesitate to get in touch today, our free guides on the requirements and standards can be downloaded here https://lnkd.in/e2S_f35k #IoTdevices #standards #compliance

Happy to share that I'll be speaking at KNX UK National Conference 2024! Make sure to attend it on September 5.

**Calling all manufacturers – EU consultation** Further to the political agreement reached by the co-legislators on the Cyber Resilience Act (CRA), and pending its formal adoption and entry into force, the European Commission is currently taking preparatory steps for the CRA implementation. This includes initial informal consultations and a series of virtual events for manufacturers. More information, timings and registration below 👇 . https://lnkd.in/erhQxNrS #IoT #Connected #Legislation

EU law around consumer devices is changing. Following the UK enforcement of the PSTI Act, even more stringent legislation is in train in Europe.   In this exclusive new guide from SafeShark we ensure you are ready for those shifting requirements. We explore changes to the Radio Equipment Directive and cut through the complexity and uncertainty surrounding the standards you will need to meet now, in the short term, and in preparation for the new Act. With all the information and advice on what to do, plus timelines for next steps, get your copy today. https://lnkd.in/e2S_f35k #connectedhome #IoTdevices #Legislation

Amazing news about our amazing chair - Richard Lindsay-Davies. Congratulations Richard and 🤞 for July 3rd!

Don't let CyberSecurity legislation in the UK (PSTI) or EU (RED) be a wall to market access, or even worse, damage your brand reputation and customer relationships unnecessarily. SafeShark is here to help you make sure your connected IoT devices are not just compliant, but are safe for your customers as well. We don't just test your products, we advise you on how to keep on top of the often shifting regulations, so you can keep selling your products, and keep your customers happy.

Safeshark has exposed alarming non-compliance rates in connected consumer devices. Following last week’s conformance deadline (April 29th), SafeShark, the leading authority in connected product testing, has conducted analysis of more than 100 connected consumer devices currently on the market. The results show that a staggering three-quarters of these devices are still not compliant with the legal requirements set out in the Product Security and Telecoms Infrastructure Act. SafeShark's testing revealed the concerning statistic that 92 of the 124 products (74%) we have checked since the deadline date fail to meet the necessary requirements. Get the full story here https://lnkd.in/e-yj95WA #compliance #iot #connecteddevices