• Apple, Samsung, Google and other manufacturers will say when smartphones, smart speakers and other devices will stop getting security updates
• Easy-to-guess default passwords to be banned on virtually all devices under new law
• Rules will make it easier for people to report software bugs that can be exploited by hackers

Makers of smart devices including phones, speakers, and doorbells will need to tell customers upfront how long a product will be guaranteed to receive vital security updates under groundbreaking plans to protect people from cyber attacks.

New figures commissioned by the government show almost half (49%) of UK residents have purchased at least one smart device since the start of the coronavirus pandemic. These everyday products – such as smart watches, TVs and cameras – offer a huge range of benefits, yet many remain vulnerable to cyber attacks.

Just one vulnerable device can put a user’s network at risk. In 2017, attackers infamously succeeded in stealing data from a North American casino via an internet-connected fish tank. In extreme cases hostile groups have taken advantage of poor security features to access people’s webcams.

To counter this threat, the government is planning a new law to make sure virtually all smart devices meet new requirements:

• Customers must be informed at the point of sale the duration of time for which a smart device will receive security software updates
• A ban on manufacturers using universal default passwords, such as ‘password’ or ‘admin’, that are often preset in a device’s factory settings and are easily guessable
• Manufacturers will be required to provide a public point of contact to make it simpler for anyone to report a vulnerability.

Smartphones are the latest product to be put in scope of the planned Secure By Design legislation, following a call for views on smart device cyber security the government has responded to today.

It comes after research from consumer group Which? found a third of people kept their last phone for four years, while some brands only offer security updates for a little over two years.

The government continues to urge people to follow NCSC guidance and change default passwords as well as regularly update apps and software to help protect their devices from cyber criminals.

Digital Infrastructure Minister Matt Warman said:

Our phones and smart devices can be a gold mine for hackers looking to steal data, yet a great number still run older software with holes in their security systems.

We are changing the law to ensure shoppers know how long products are supported with vital security updates before they buy and are making devices harder to break into by banning easily guessable default passwords.

The reforms, backed by tech associations around the world, will torpedo the efforts of online criminals and boost our mission to build back safer from the pandemic.

Security updates are a crucial tool for protecting people against cyber criminals trying to hack devices.

Yet research from University College London found none of the 270 smart products it assessed displayed information setting out the length of time the device would receive security updates at the point of sale or in the accompanying product paperwork.

By forcing tech firms to be upfront about when devices will no longer be supported, the law will help prevent users from unwittingly leaving themselves open to cyber threats by using an older device whose security could be outdated.

Just one in five global manufacturers have a mechanism in place to allow security researchers – firms and individuals who find security flaws in devices – to report vulnerabilities.

These moves have been supported by important tech associations across the globe including the Internet of Secure Things (IoXT), whose members include some of the world’s biggest tech companies including Google, Amazon and Facebook.

Brad Ree, CTO of the Internet of Secure Things (IoXT) Alliance, said:

We applaud the UK government for taking this critical step to demand more from IoT device manufacturers and to better protect the consumers and businesses that use them.

Requiring unique passwords, operating a vulnerability disclosure program, and informing consumers on the length of time products will be supported is a minimum that any manufacturer should provide. These are all included in the IoXt compliance programme and have been well received by manufacturers around the world.

The new law builds upon world-leading work the government has already done to boost the security of smart devices, including publishing a code of practice for device manufacturers to boost the security of their products in 2018.

Last month the Digital Secretary Oliver Dowden set out his ten tech priorities which included keeping the UK safe and secure online and the government published its groundbreaking Integrated Review of defence and security.

The government also played a vital role in developing the first major international standard for consumer device cyber security to help manufacturers protect consumers around the world from falling victim to cyber attacks.

This standard has been supported by the Cybersecurity Tech Accord (CTA), an industry association whose members include Arm, Microsoft and Dell, and has also been promoted in Australia, Singapore, Finland and India – demonstrating Britain’s global influence as a cyber power.

Three new voluntary assurance schemes have been launched recently to give shoppers confidence a smart product has been made cyber secure, thanks to a £400,000 government grant.

• The Stockport-based Internet of Toys Assurance Scheme will allow parents to know from the outset whether a smart toy they are buying their children has been tested and meets the minimum security requirements

• The Smart TV Cybersecurity Certification programme will provide third-party testing and give confidence to buyers of smart TV products by allowing approved devices to display a certification logo

• The IASME IoT Security Assured initiative will be open to start-ups and smaller companies to carry out verified cyber security self-assessment of their products to ensure they meet high standards.

National Cyber Security Centre Technical Director Dr Ian Levy said:

Consumers are increasingly reliant on connected products at work and at home. The Covid-19 pandemic has only accelerated this trend and while manufacturers of these devices are improving security practices gradually, it is not yet good enough.

DCMS’ publication builds on the 2018 Code of Practice and ETSI EN 303 645 to clearly outline the expectations on industry. To protect consumers and build trust across the sector, it is vital that manufacturers take responsibility and pay attention to these proposals now.

It is also important to support uptake of good practice and provide industry with opportunities to innovate. I’m pleased to see the pilots, funded by DCMS, begin to test ways in which customers will be able to gain confidence in the security of these devices.

Annalaura Gallo, Head of the Cybersecurity Tech Accord secretariat, said:

Trust in technology is a key issue of our time and security is a fundamental building block to achieve this.

We welcome the leading role played by the UK Government in promoting a national and international focus on this issue in a way which is designed to drive up security without imposing onerous burdens on people creating new technology for consumers.

John Moor, Managing Director of the Internet of Things Security Foundation, said:

We welcome this announcement as a necessary and considered development to make consumers safer. As an expert body, we welcome the clarity it brings for our manufacturing members both now and moving forwards.

The Internet of Things is constantly evolving and security requirements must continue to keep pace. As such, the importance of vulnerability management and updating security software cannot be understated. In the words of one of our members: ‘remember, if it ain’t secure, it ain’t smart’.

Rocio Concha, Director of Policy and Advocacy at Which?, said:

New laws to tackle this issue are a crucial step as there are a vast array of connected devices with security flaws, many of which are currently on the market, that put consumers at risk from cyber criminals.

We share the government’s ambition to make the UK one of the safest places in the world for consumers to use smart technology and this must be backed up by strong enforcement, ensuring people can get effective redress when they purchase devices that fail to meet security standards and leave them exposed to data breaches and scams.

The government intends to introduce legislation as soon as parliamentary time allows.

ENDS

Notes to editors

Read the government’s consultation response on proposals for regulating consumer connected product cyber security.

The government commissioned Ipsos MORI to undertake a survey to explore consumer purchasing behaviour of, and attitudes to connected devices published today. It shows the popularity of smart devices is on the rise, with three in five consumers (57 per cent) reporting an increase in their use since the start of the pandemic.

The research also shows nine in 10 consumers (87 per cent) think smart devices should come with privacy and security features as standard, while only one in five (20 per cent) have previously checked to see if a new smart device has a default password which can make devices vulnerable to hacks.

The Integrated Review of defence and security sets the goal of cementing the UK’s position as a responsible and democratic cyber power and announced a commitment to publish a new National Cyber Strategy later this year. The strategy will set out how the UK intends to build a more resilient digital nation and realise the benefits that cyberspace can bring.

Last year DCMS and the NCSC also played an important role collaborating with global standards body European Telecommunications Standards Institute (ETSI) to develop the first major international standard for the security of smart devices, which will help protect consumers around the world from falling victim to cyber hacks through security vulnerabilities in devices bought on the global market.

Thank you Juan Pablo. And good afternoon ladies and gentlemen. My thanks to AthenaLab for hosting today’s event and to you all for giving your time and attention to join us today. I speak to you from the British Residence here in Santiago. Even though we cannot hold this event in person, I am glad that we are still able to meet and that AthenaLab is still able to continue its important business of exploring the key geo-political and strategic issues that concern us all.

Today is the first of what I hope is for me, many of engagements with AthenaLab and with you all, its active and engaged community in Chile and across the world.

I want to use today’s session to talk to you about my government’s Integrated Review of Security, Defence, Development and Foreign Policy, entitled “Global Britain in a Competitive Age”, the most comprehensive review of the United Kingdom’s overseas policy since the cold war.

Published in March, and produced under the direction of our Prime Minister, the review sets out the UK’s international strategy for this decade and beyond. It aims to provide a clear-eyed analysis of the United Kingdom’s capabilities, and the opportunities and the threats that we face in the world today and tomorrow.

The product of over a year’s work across government and of consultation with a huge range of external organisations and thinkers, the review offers our vision of the UK’s role in the world through to 2030 and the action we will take at home and with other countries, including here in Chile, to ensure that we are stronger, safer and more prosperous in a more competitive age.

A month after the review’s publication, I hope you would have all had the chance to read its some 111 pages. But whether you have read the review or not, I hope you will find today useful as I expand on what this new foundational text means for Britain’s relationship with the world and how its findings will shape the role the UK plays on the global stage.

Britain’s place in the world

I wanted to begin with the essential fact that the fortunes of the British people are, inextricably interlinked with events around the world. With limited natural resources, we have always earned our living as a maritime, trading nation. In 2019, as the fifth largest economy in the world, the UK sold goods and services overseas worth £690 billion—fully a third of our gross domestic product—sustaining millions of jobs and livelihoods across the UK, and connecting our economy to very nearly every other market in the world.

Of course, that outward, liberal, free trading perspective is why we enjoy such a close and historic relationship with you here in Chile, as well as across Latin America. Despite the pandemic, in 2020 the UK-Chile bilateral trading relationship was worth over £1.6 billion. Chile remains our third largest trading partner in the region.

That global perspective sits at the heart of the concept of Global Britain, a phrase that you will hear a lot today and that features prominently in the Integrated Review. It is an expression that aims to capture the international nature of the United Kingdom’s outlook as a people and as a country, tied to our history and to our future in the world.

Recognising threats

As we look out at the world, at the strategic context we now operate in, we see significant challenges and threats, with three dangerous and dominating trends emerging.

The first is the fraying of the world order that grew up after the Second World War and that seemed stronger than ever just a generation ago. Today, democracy is, it is fair to say, under stress. We see increasing competition between states over interests, norms and values, with authoritarian states and malign actors seeking to undermine the democratic systems and openness that underpin our way of life.

In fact, this decade, the combined GDP of autocratic regimes is expected to exceed the combined GDP of the world’s democracies. Tyranny will be richer than freedom. And that matters to us in the United Kingdom, and to you here in Chile and in other democracies across the world, because we know stable, freedom-respecting, democracies are much less likely to go to war, to house terrorists or to trigger large scale flows of immigration. Democracies are generally easier to trade with and easier to co-operate with to solve our shared problems.

The second trend is the rise of new threats. We have all become used to talking about asymmetric warfare since 11 September but technology, twisted to perverse causes, is creating dangerous new weapons and enabling ways to attack us that fall short of armed conflict.

As the United Kingdom, we know this all too well. Three years ago last month, the Russian state used a chemical weapon in Salisbury, killing an innocent British citizen, and bringing fear to a tranquil British city. At the same time states, terrorist groups and criminal gangs are exploiting technology to prey on our homes, our businesses and our infrastructure.

The third trend of our times is perhaps the most dangerous. That is the rise of what we can only consider as potentially existential threats. Threats to our civilisation, threats to large swathes of the world’s population, or even threats to our planet itself.

We can all see how COVID has shown just how interconnected we all are in the modern world. We face too the possibility of catastrophic climate change. And we see nuclear weapons technology proliferating, and a very real risk that it could fall into the hands of people who can’t be reasoned with.

Our response

Despite all these threats, we do not believe we should wallow in despair or frustration. Rather, we believe there are powerful reasons to feel optimistic about the future. For the United Kingdom but also for Chile, for the wider Latin American region and the world.

Our fraying international order can be repaired and reinforced. We can counter these new threats and these new challenges, as we have shown during this pandemic, through the collaboration of scientists to innovate new vaccines and of governments to strengthen equitable access to them.

We can demonstrate that the benefits of liberal democracies and free markets are the best model for the social and economic advancement of humankind. We can shape the norms that govern new technology to ensure we benefit while maintaining our security and freedoms. And we can ensure countries work together to tackle the biggest global challenges.

We believe Britain has a central, driving, role to play in all of this, working with our friends and allies, with countries that share our core convictions, such as Chile.

Strategic priorities

The first priority emerging out of the review is to grow and nurture the UK’s capacity for scientific and technological innovation in pursuit of sustaining and growing the UK’s strategic advantage. The rapid pace of change in technology is transforming aspects of all our lives, fundamentally reshaping our economy and society.

So the review sets out how the UK will harness our existing comparative advantage in tech and science to stake new ground as a science super-power and as a responsible and democratic cyber-power, to strengthen both our domestic prosperity and our international relationships.

To do this, we are increasing our government investment in advanced science and technology research to 2.4 percent of the UK’s GDP; we will invest £800 million to set up a new advanced research and invention agency that will back “breakthrough” technology; and we have established a National Cyber Defence Force capable of delivering offensive cyber operations

Our second strategic priority will be to double down on the UK’s post-Brexit, pioneering, strategic approach to free trade.

That is why since leaving the European Union, the UK has agreed trade deals with 67 countries, including Chile, as well as the EU, and that is why we have launched the UK’s negotiations to join the Comprehensive and Progressive Agreement for Trans-Pacific Partnership.

We are pleased that the Chilean government supports the UK’s accession to the treaty. Joining the £9 trillion free trade pact would strengthen the UK’s access to key, modern economies, such as Chile’s, and create new opportunities for future industries like tech and digital services, data, and renewable energy.

And alongside our efforts to reach new markets, the review sets out how we will work to strengthen the global trading system and update the global regulatory environment, especially on the environment, services and digital sector. We are committed to unblocking protectionism, to unleash the power of global free trade to help the world bounce back stronger, and bounce back greener, from the economic impact of the pandemic.

Investing in both our science and technology expertise and our economic resilience are vital elements of the third strategic priority articulated in the review, which is our security.

The UK has decided to invest an extra £24 billion in defence over the next four years, allowing the wholesale modernisation of the UK’s armed forces, restoring Britain’s position as the foremost naval power in Europe and taking forward the renewal of our nuclear deterrent.

Later this year, HMS Queen Elizabeth, the Royal Navy’s flagship aircraft carrier will embark on her maiden deployment, leading a carrier strike group on a 20,000-mile voyage to the Indo-Pacific and back, exercising with Britain’s allies and partners along the way and demonstrating the importance that we attach to freedom of the seas.

We will spend nearly £7 billion over next 4 years in defence-related research and development. Through the UK’s National Cyber Security Centre, and our partnerships with business, we will remain a world-leader in cyber-security. And through the UK’s new National Cyber Force, we are investing to stay ahead of the unholy alliance of hostile states and criminal gangs that prey on our PCs, tablets and our mobile phones, to steal, to spy or to spread lies.

We will continue too to adapt to meet the frankly predatory opportunism of states such as Russia, Iran, North Korea and some others.

The fourth and final strategic priority is for the UK to step forward as a force for good in the world.

From COVID to the threat of climate change, it has never been plainer that the UK’s national interest is inextricably bound up in tackling the international challenges that touch us all. We believe that as a government that we can, and we should, help alleviate the worst suffering in the world, that we have a moral responsibility and an indivisible stake in our planet, and the broader conditions of peace and stability that underpin them. So we are determined that the UK will join our friends to ensure that free societies flourish, sharing the risks and burdens of addressing the world’s toughest problems.

We see that clearly in the UK’s commitment to strengthening the global response to the Covid pandemic. The UK is the world’s leading contributor to the global vaccine alliances working flat out to defeat Covid-19, contributing £548 million towards COVAX, the international mechanism designed to ensure equitable, fair and rapid access to Covid-19 vaccines and £1.6 billion towards Gavi,. We do this not only to act on our sense of fairness but also because we know that in this global we will not be safe until everyone is safe.

That same commitment to fairness and to justice means that we will continue to support open societies and defend human rights. The UK has lead the international community’s condemnation of the military coup in Myanmar, swiftly introducing sanctions targeting military figures for serious human rights violations. We will continue too to lead the international community in expressing our profound concern over China’s mass detention of the Uyghur people in Xinjiang province and to urge China to uphold its freely assumed international human rights obligations. And it is why we have also have offered a place—a refuge and abode —to 3 million Hong Kong Chinese who may be in fear of persecution as a result of what is happening in Hong Kong.

Conclusion

To conclude, and as we look ahead, 2021 offers us, as the United Kingdom, a unique opportunity to redefine and re-establish the Great Britain’s place in the world. We hold the Presidency of the G7. And we will succeed Chile as we take on the Presidency of the 26th UN Climate Change Conference in November. Our departure from the EU has provided us a unique opportunity to reconsider many aspects of our domestic and foreign policy, building on existing friendships but also looking further afield.

The Integrated Review sets out how we will go about doing that. With the extra investment and new capabilities it provides, we believe United Kingdom can thrive in an ever more competitive world and fulfil our historic mission as a force for good, maximising the opportunities for the UK but also inspiring others to follow us in standing up for what is right.

I look forward to hearing your reflections and to continuing the discussion. Back to you Juan Pablo.

Thank you very much for joining us. I’m joined today by Dr Nikki Kanani.

There is no doubt at all that this country is continuing to make progress in the fight against Covid.

We are proceeding with our roadmap

and I want to thank everybody for continuing to follow the guidance

and to thank parents and families for the incredible work you are doing to help test pupils through the Easter holidays

and to encourage you to keep testing them twice a week as schools return. And above all I want to thank everybody involved in the outstanding vaccine roll-out

especially those of you coming forwards in huge numbers as you are.

19 out of 20 of those who’ve had a first dose are coming forward for a second

meaning that almost 1 in 5 of all adults have now had a second dose.

And on first jabs we’ve now vaccinated 33 million people

including 60 per cent of the 45-49 year olds.

And we know that this vaccination programme is making a big difference.

We know that it’s helping to reduce suffering and save lives

potentially on a very big scale.

But we don’t yet know the full extent of the protection that we are building up

the exact strength of our defences –

and as we look at what is happening in other countries with cases now at record numbers around the world, we cannot delude ourselves that Covid has gone away.

I see nothing in the data now that makes me think we are going to have to deviate in any way from the roadmap cautious but irreversible that we have set out.

But the majority of scientific opinion in this country is still firmly of the view that there will be another wave of covid at some stage this year

and so we must – as far as possible – learn to live with this disease, as we live with other diseases.

We will be bolstering our defences with booster jabs this Autumn,

we’ll be continuing with testing,

and today I want to announce what we hope will be a further line of medical defence.

The United Kingdom was the first country in the world to pioneer dexamethasone, which has saved a million lives globally.

And today we are creating a new Antivirals Task Force

to search for the most promising new medicines and support their development through clinical trials

with the aim of making them safely and rapidly available as early as the Autumn.

This means, for example, that if you test positive there might be a tablet you could take at home to stop the virus in its tracks and significantly reduce the chance of infection turning into more severe disease. Or if you’re living with someone who has tested positive, there might be a pill you could take for a few days to stop you getting the disease yourself.

And by focussing on these antivirals we hope to lengthen the UK’s lead in life sciences

and to give ever greater confidence to the people of this country that we can continue on our path towards freedom.

We have a taken a big step again this month, reopening significant parts of our country again,

and for many people this last week has brought the first glimmerings of a return to normality

having a pint, having a haircut, making that trip to the shops.

Every day science is helping us to get back towards normality

and I believe that antiviral treatments can play an important part.

And if we keep going, follow the rules

remember hands, face, space, fresh air –

then we can keep each other safe and see through our roadmap to reclaim our lives in full.