For Companies

One step ahead in ensuring information security

Taking information security into account when designing a product or service may increase its value considerably – giving your company an important competitive advantage. Competition in the smart device market is intense, and winners are those who can provide consumers with the most reliable, ready-to-use package.

Our information security environment has become more challenging because of increased cybercrime. The information security of a product is an important quality aspect for consumers because poorly protected devices compromise their information security. Many companies have already improved the security of their products in many ways. The Cybersecurity Label is one way to tell your customers that your company is ready for the future. It shows that an independent party has confirmed that your product is secure – you do not need to rely merely on images to market the product.

The Cybersecurity Label allows your company to be a pioneer in information security matters and helps you prepare for the international information security requirements of the future. Harmonised requirements will be set for smart devices by European standardisation and regulation. Other international organisations are also drafting regulation to respond to changes in the information security environment.

Prepare for EU regulation

The Cybersecurity Label is strongly based on development at European level and aims for consistency with future obligations. Instead of seeing new rules and standards as a necessary evil, companies should approach them as a way to get one step ahead of others in information security matters. By preparing actively for future regulation, manufacturers can show consumers that they genuinely care about the security of their products.  

The EU Radio Equipment Directive (RED) was supplemented with mandatory information security requirements in February 2022. The Regulation supplementing the RED provides for a transition period for equipment manufacturers, but starting from 1 August 2024 wireless devices placed on the market must comply with the new requirements. The requirements concern, for example, radio equipment that are connected to the internet directly or via other equipment, such as WLAN devices and smart watches.

Read more about the conformity of radio equipment

We at the NCSC-FI at Traficom have also identified other EU law that will affect the security features of products. We actively follow the regulatory developments and make the necessary adjustments to the Cybersecurity Label requirements.

Read more about international development

Win over consumers with corporate responsibility

Corporate responsibility goes beyond environmental issues and production methods – it covers all of a company’s activities. The Cybersecurity Label is a simple way to communicate responsibility and your company’s ability to take into account how important it is to protect consumers’ privacy and information security.

According to a consumer survey commissioned by Traficom, information security has a major impact on purchase decisions. According to the survey, approximately 80% of Finnish consumers say they examine information security features when buying a smart device, and up to 80% of consumers would be influenced by a well-known and reliable information security label.

Security brings competitive advantage and brand value

By obtaining the Cybersecurity Label for your product or service, you can meet the wishes of customers struggling with information security risks. The Cybersecurity Label is a simple, ready-to-use tool for communicating to customers that you genuinely care about their security. The label also tells customers that the security of your product or service has been assessed by an independent public authority.

According to the consumer survey commissioned by Traficom, three quarters of consumers would be willing to pay more for a product or service if they knew it was secure. Taking care of users’ information security is considered valuable from both consumers’ and investors’ perspectives.

Finnish Cybersecurity Label recognised in Singapore

Companies may be granted both the Finnish Cybersecurity Label and the Singaporean IoT Cybersecurity Label at once, with a single application process. The Finnish Cybersecurity Label meets the criteria of level 3 in the labelling scheme used in Singapore (level 4 being the highest). For more information, please contact cybersecuritylabel@traficom.fi.

Read more about the Cybersecurity Label in Singapore (External link)

Influence information security standards

Applying for the Cybersecurity Label is voluntary. Companies applying for the label get to have direct contact with the experts at the NCSC-FI at Traficom to discuss security issues and future prospects concerning IoT devices. It is easier for pioneering companies to prepare for and influence future EU regulation and international standards. The Cybersecurity Label requirements are based on the European ETSI EN 303 645 standard, a collection of information security requirements for consumer devices connected to the internet.