Endpoint Security , Internet of Things Security , Standards, Regulations & Compliance

European IoT Manufacturers Lag in Vulnerability Disclosure

Research Firm CEO Says IoT Makers Treat Cybersecurity as Somebody Else's Problem
European IoT Manufacturers Lag in Vulnerability Disclosure

European internet of things vendors lag behind other countries in adopting vulnerability disclosure programs, a study finds.

See Also: How to Build a Micro-Segmentation Strategy in 5 Steps

A report by British mobile and IoT security research firm Copper Horse* shows that only 27% of the 332 IoT companies across the globe reviewed for the study have a dedicated vulnerability disclosure policy. Of these, IoT vendors from Europe fare the worst in vulnerability disclosure adoption in comparison to Asian and North American companies.

The percentage of Asian and North American companies that have a dedicated vulnerability disclosure plan is 37% and 33%, respectively, while only 14% of the European vendors - 76 were surveyed - have similar policies in place, according to the study.

The European Commission in September proposed legislation known as the Cyber Resilience Act that would make vulnerability disclosure policies mandatory.

Copper Horse CEO David Rogers says manufacturers don't think cybersecurity is their problem.

"It is astonishing to me that even with the writing on the wall - potentially massive fines ahead of them - they're still doing nothing," Rogers tells Information Security Media Group. "To me, it entirely justifies the government interventions we're seeing across the world. These companies are collectively putting society at very serious risk."

*Correction Jan. 26, 2023 21:13 UTC: Fixes name of Copper Horse, which we earlier misspelled.


About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.