South Korea seeks to expand IoT secure devices in Asia Pacific

By Kuksung Nam, The Readable
Dec. 15, 2023 8:08PM GMT+9

South Korea is seeking to expand its security-certified Internet of Things (IoT) devices globally as it takes its first step towards broadening its market in the Asia Pacific region.

On December 14 in Singapore, the Korea Internet & Security Agency (KISA) and the Cyber Security Agency of Singapore (CSA) signed a memorandum of understanding concerning safety standards for IoT devices. In the coming months, the two nations will collaborate to establish shared IoT safety protocols. Once approved, devices certified as safe in one nation will automatically receive the same designation in the other, which will ease trade in such devices between the countries.

Oh Jin-young, vice president of KISA, on the left, and Chua Kuan Seah, the deputy chief executive of CSA signed a memorandum of understanding on cooperation in IoT security on December 14. Photo provided by the Cyber Security Agency of Singapore (CSA)

South Korea has been operating its security certification system since late 2017 to protect consumers from security risks inherent to internet-connected digital devices. Each level is based on the product’s software complexity; for instance, devices with minimal software are advised to pursue ‘lite’ certification, while consumer electronics are encouraged to obtain the ‘standard’ certification. Although obtaining certification is not mandatory under the law, South Korean government agencies encourage manufacturers to conform to these standards in the areas of smart homes, transportation, medical devices, manufacturing, financial services, and the communications industry.

Singapore has its own classification system, called ‘Cybersecurity Labelling Scheme’ (CLS), which was introduced in 2020. Its purpose is to raise the overall cyber hygiene of consumer smart devices and assist manufacturers in gaining higher ground than those of their competitors in the local market. The CLS is classified into four categories, from level 1 to level 4. Like the South Korean model, producers of IoT devices are not obliged to obtain certification, with the exception of Wi-Fi routers, which must have level 1 certification to be sold in the Singaporean market. Level 1 designates the product as being qualified, as it meets the basic security requirements required under the nation’s standards, such as ensuring unique default passwords and providing software updates.

The South Korean government expects that the mutual recognition agreement (MRA) will hugely benefit the nation’s domestically produced security certified IoT device industry, for it will liberate South Korean companies from the difficulty and expense required to meet Singapore’s specific security and safety requirements. According to the Ministry of Science and ICT, the South Korean government plans to sign the mutual recognition agreement in the latter half of next year.

Furthermore, in taking this step, South Korea is looking to the future, as the agreement could be a steppingstone for the nation to expand its presence in the global market for IoT devices. Singapore signed a memorandum of understanding with Finland in 2021 to mutually recognize one another’s cybersecurity labels and designations. In 2022, Singapore and Germany signed the mutual recognition arrangement (MRA), ensuring that smart consumer products with Germany’s IT Security Label have fulfilled Singapore’s CLS to level 2.

“Singapore is one of the countries that is actively promoting IoT security certification,” said Jung Eun-su, director of Cyber Security & Network Policy Bureau at the Ministry of Science and ICT to The Readable. “Singapore has already built a mutual system with European countries. From Singapore, we could expand our market for certified products to European countries in the future.”

The cover image of this article was designed by Sangseon Kim. This article was copyedited by Arthur Gregory Willers.

Kuksung Nam is a journalist for The Readable. She has extensively traversed the globe to cover the latest stories on the cyber threat landscape and has been producing in-depth stories on security and privacy by engaging with industry giants, foreign government officials and experts. Before joining The Readable, Kuksung reported on politics for one of South Korea’s top-five local newspapers, The Kyeongin Ilbo. Her journalistic skills and reportage earned her the coveted Journalists Association of Korea award in 2021 for her essay detailing exclusive stories about the misconduct of a former government official. She holds a Bachelor’s degree in French from Hankuk University of Foreign Studies, a testament to her linguistic capabilities.