International cooperation helps Finnish businesses enter the market of secure smart devices

For Finland, the mutual recognition scheme is all the more significant because Singapore is one of the most technologically advanced countries in the world. Because of the cooperation published today, products can fulfill the requirements of both the Finnish Cybersecurity Label and Singapore’s Cybersecurity Label at once, with a single application process. Uniform requirements allow products or services that meet the security criteria of both labels to be placed on the market in both countries. This facilitates product and service design and helps reduce production costs.

Finland and Singapore pioneers in developing the information security of smart home devices and international cooperation

The mutual recognition agreement is based on long-term cooperation in which the authorities have examined and compared the requirements and procedures for issuing cybersecurity labels in Finland and Singapore. The requirements set in the labelling schemes of both countries are based on a European standard, which allows the national labels to also be used in other countries. This means that the Cybersecurity Label opens up new markets for Finnish companies and their secure consumer devices and services. As the labels become more common, the range of secure smart home devices on offer is likely to widen.

“The cooperation with our Singaporean colleagues has been extremely rewarding. We have been able to share our experiences of the key features of smart devices and the main related threats. I am delighted to see our work result in a concrete outcome in the form of a cooperation agreement,” says Deputy Director-General Sauli Pahlman from the National Cyber Security Centre Finland (NCSC-FI) at the Finnish Transport and Communications Agency Traficom.  

Path towards certified consumer products and services

The importance of information security in connected products and services has been recognised across the world, including in the European Union. The rapid increase in the number of vulnerabilities detected in connected devices raises concern. For example, based on the observations of the NCSC-FI in recent years, connected devices make up more than half of all vulnerable devices. Smart devices are also an increasingly integral part of daily life for consumers, which makes their information security and privacy protection features ever more important. In the EU, these concerns are reflected in the legislation being drafted. The aim is to adopt a legal framework for a certificate attesting the information security of connected products and services and for the related requirements and certification procedures.

“The Cybersecurity Label paves the way for Finnish companies towards the EU certificate and opens up completely new markets for their products. The Cybersecurity Label is an outcome of the NCSC-FI’s future-oriented work, efforts to monitor cybersecurity phenomena and long-term international cooperation to build more secure societies. It is important to create an agile certification scheme at EU-level so that we can better ensure the security of products and services offered to consumers. The NCSC-FI will play a key role in this work,” says Traficom’s Director-General Kirsi Karlamaa. 

Traficom works to influence the EU certification scheme so that products and services that have been granted the Finnish Cybersecurity Label would also meet most of the requirements for the EU certificate. This would make it easier for Finnish companies to apply for an EU certificate for their products and services.