UK Product Security and Telecommunications Infrastructure Act.
The UK PSTI Act mandates baseline cybersecurity requirements for consumer connectable products sold in the UK, banning default passwords, requiring vulnerability disclosure policies, and mandating minimum security update periods.
Maximum penalty
£10M or 4% global revenue
Source: PSTI Act 2022
Key requirements
Ban on universal default passwords
Vulnerability disclosure policy
Minimum security update period transparency
Statement of compliance
Enforcement examples
Application from April 2024
OPSS enforcing from April 29, 2024; first compliance checks underway
How Tessera automates UK PSTI compliance
Default password compliance scanning
Vulnerability disclosure policy management
Security update lifecycle tracking
Compliance statement generation
UK PSTI compliance checklist
Essential steps to achieve and maintain UK PSTI compliance.
Eliminate universal default passwords
Publish vulnerability disclosure policy
Declare minimum security update period
Industries affected
Calculate your UK PSTI exposure.
See exactly how UK PSTI penalties apply to your revenue and industry profile.