'Cyber kangaroo' ratings for IoT security? Jump to it, says Australia's cyber security minister

Proposed labelling scheme will try to match similar efforts in UK, USA

Australia's government hopes that somewhere in the world, a vendor of consumer-grade connected electronics is willing to admit it's rubbish at security by giving itself a low score in a proposed safety rating system.

The idea of security ratings for internet things emerged during last year's 360° Cyber Security Game, co-hosted by the Australian National University's National Security College and Rand Corporation. Vulture South's Simon Sharwood was a participant in the games, and was even a member of the team that suggested a star-rating scheme.

The report [PDF] that summarised the Game made detailed the idea as follows:

One proposed solution was to create a check-mark system for quality assurance of cyber devices that is both visible on device packaging and understandable to consumers. Exercise participants colloquially described this as a ‘cyber kangaroo’ logo. Local governments, together with industry, have an opportunity to develop a framework for the cyber kangaroo, including the design of the measurement criteria and enforcement and monitoring mechanisms. This group could also consider how to respond the first time a product with the cyber kangaroo logo is hacked and who would be responsible for responding to such an attack.

(The Register emphasises the “cyber kangaroo” was, we assure you, someone else's idea.)

Fairfax Media now reports that Australian bureaucrats have been in touch with companies like Amazon, Google, Microsoft, Telstra, Optus and others over the scheme.

Dan Tehan, Australia's minister assisting the prime minister for cyber security, has pointed to draft legislation in America and said “this is something we might need to look at”.

He also said talks had begun to try and make sure Australia, the USA and Britain could take a harmonised approach to any legislation. ?

Bootnote: Vulture South saw plenty of comic potential in the idea of product labelling, but moved too slowly. Infosec researcher Troy Hunt summed up the issue nicely here.


Biting the hand that feeds IT ? 1998–2017

<var id="haujiCA"></var>
<cite id="haujiCA"></cite>
<cite id="haujiCA"></cite>
<ins id="haujiCA"><span id="haujiCA"></span></ins>
<cite id="haujiCA"><video id="haujiCA"><menuitem id="haujiCA"></menuitem></video></cite>
<cite id="haujiCA"></cite><var id="haujiCA"><span id="haujiCA"></span></var>
<cite id="haujiCA"></cite>
<var id="haujiCA"><video id="haujiCA"></video></var>
<var id="haujiCA"></var>
<ins id="haujiCA"><span id="haujiCA"><cite id="haujiCA"></cite></span></ins>
<ins id="haujiCA"><span id="haujiCA"><cite id="haujiCA"></cite></span></ins><cite id="haujiCA"></cite>
<cite id="haujiCA"></cite> <ins id="haujiCA"></ins>
<var id="haujiCA"></var>
<ins id="haujiCA"><span id="haujiCA"><cite id="haujiCA"></cite></span></ins><var id="haujiCA"><span id="haujiCA"><menuitem id="haujiCA"></menuitem></span></var><cite id="haujiCA"><span id="haujiCA"></span></cite>
<ins id="haujiCA"></ins><ins id="haujiCA"><span id="haujiCA"><cite id="haujiCA"></cite></span></ins>
<var id="haujiCA"><span id="haujiCA"></span></var>
<ins id="haujiCA"></ins>
<cite id="haujiCA"></cite>
  • 508353853 2018-01-19
  • 966152852 2018-01-19
  • 997753851 2018-01-19
  • 544586850 2018-01-19
  • 242178849 2018-01-19
  • 44045848 2018-01-19
  • 407396847 2018-01-19
  • 696396846 2018-01-19
  • 396911845 2018-01-19
  • 147632844 2018-01-19
  • 729495843 2018-01-19
  • 520251842 2018-01-19
  • 44834841 2018-01-18
  • 386713840 2018-01-18
  • 170438839 2018-01-18
  • 217748838 2018-01-18
  • 965847837 2018-01-18
  • 788607836 2018-01-18
  • 464515835 2018-01-18
  • 409851834 2018-01-18