The government is seeking views on how to tackle the issue of IoT security
The Department for Science, Innovation and Technology (DSIT) is seeking views on the cyber security of enterprise connected devices, also known as Internet of Things (IoT) devices.
These devices, such as office printers, internet-connected telephones, building entry systems and room booking systems, are widely used by businesses and organisations. Security vulnerabilities in these products can provide entry points for cyber attacks.
As part of the government’s work to address this issue, the government commissioned NCC Group to conduct a vulnerability assessment of some commonly-used IoT devices. Significant vulnerabilities were found and, in response, DSIT has developed a draft Code of Practice for Enterprise Connected Device Security and is considering a range of policy options.
This call for views is open to businesses, organisations and the public. Responses will inform future policy to improve the security of connected devices and support the resilience of the UK economy.
The deadline for responses is 1159pm on 7 July 2025.
How to respond
Respond online or write to
Cyber Security & Digital Identity Team
Department for Science, Innovation and Technology
3rd Floor, 22 Whitehall, London SW1A 2EG
Find out more about this call for views on enterprise connected device security.
First published 12 May 2025
