World Password Day and the PSTI Act

2 May 2024News

The convergence of World Password Day and the implementation of the PSTI Act highlights legal obligations

The inception of the Product Security and Telecommunications Infrastructure (PSTI) Act in the UK on May 2nd heralds a paradigm shift in regulatory compliance. Coinciding with this milestone, World Password Day assumes newfound significance as legal imperatives intersect with cybersecurity protocols.

The PSTI Act mandates stringent measures to counter cyber vulnerabilities inherent in internet-connected devices, necessitating the prohibition of easily decipherable passwords such as "admin" or "12345." This legislative framework imposes obligations on manufacturers to uphold elevated security standards, compelling meticulous adherence to prescribed protocols across diverse product categories.

Bernard Montel, EMEA Technical Director and Security Strategist at NASDAQ-listed Tenable, highlights the legal ramifications of default credentials utilised by myriad devices. Bernard Montel emphasises the need for legal practitioners to adopt a proactive stance in addressing potential vulnerabilities, advocating for comprehensive audits to mitigate legal liabilities arising from cyber breaches.

Bernard Montel states, "The majority will have factory set default credentials that were never changed when installed that are either a simple to guess password and username combination - such as 'Admin' and '12345' or an internet search will disclose what the password is likely to be."

Against a backdrop of escalating cyber threats, with UK businesses grappling with the repercussions of 7.78 million cyber attacks in 2024, legal professionals are tasked with safeguarding client interests amidst evolving regulatory landscapes. Password hygiene emerges as a pivotal aspect of legal counsel, necessitating meticulous adherence to prescribed standards to mitigate legal exposure.

As legal practitioners commemorate World Password Day, they are urged to adopt a holistic approach to cybersecurity, transcending traditional legal paradigms to navigate the complexities of digital risk management. In embracing this multifaceted strategy, legal professionals can proactively safeguard client interests and uphold the integrity of legal engagements in an increasingly digitised landscape.

Legal News desk contact: editorial@solicitorsjournal.com

Latest Articles

Australia's proposed reforms for preventing psychological injuries

In Australia, the NSW government's proposed reforms aim to reduce psychological injury claims in the workplace and focus on prevention

The Planning and Infrastructure Bill heralds a major change in approach for developer impacts on protected sites and species

Richard Broadbent, a Director at Freeths, shares his thoughts on the savage decline in biodiversity and whether the government’s Planning and Infrastructure Bill could be the gamechanger needed to address the housing crisis in a way that adequately protects the environment