Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

'Cyber kangaroo' ratings for IoT security? Jump to it, says Australia's cyber security minister

Proposed labelling scheme will try to match similar efforts in UK, USA

Australia's government hopes that somewhere in the world, a vendor of consumer-grade connected electronics is willing to admit it's rubbish at security by giving itself a low score in a proposed safety rating system.

The idea of security ratings for internet things emerged during last year's 360° Cyber Security Game, co-hosted by the Australian National University's National Security College and Rand Corporation. Vulture South's Simon Sharwood was a participant in the games, and was even a member of the team that suggested a star-rating scheme.

The report [PDF] that summarised the Game made detailed the idea as follows:

One proposed solution was to create a check-mark system for quality assurance of cyber devices that is both visible on device packaging and understandable to consumers. Exercise participants colloquially described this as a ‘cyber kangaroo’ logo. Local governments, together with industry, have an opportunity to develop a framework for the cyber kangaroo, including the design of the measurement criteria and enforcement and monitoring mechanisms. This group could also consider how to respond the first time a product with the cyber kangaroo logo is hacked and who would be responsible for responding to such an attack.

(The Register emphasises the “cyber kangaroo” was, we assure you, someone else's idea.)

Fairfax Media now reports that Australian bureaucrats have been in touch with companies like Amazon, Google, Microsoft, Telstra, Optus and others over the scheme.

Dan Tehan, Australia's minister assisting the prime minister for cyber security, has pointed to draft legislation in America and said “this is something we might need to look at”.

He also said talks had begun to try and make sure Australia, the USA and Britain could take a harmonised approach to any legislation. ®

Bootnote: Vulture South saw plenty of comic potential in the idea of product labelling, but moved too slowly. Infosec researcher Troy Hunt summed up the issue nicely here.

Similar topics

Similar topics

Similar topics

TIP US OFF

Send us news


Other stories you might like