09/03/2026
🚨 NEW CYBER SECURITY RULES FOR SMART DEVICES IN AUSTRALIA
Cyber Security Rules Impacting Smart Devices in Australia
The Australian Government has introduced mandatory cyber security standards for smart devices under the Cyber Security Act 2024 and the Cyber Security (Security Standards for Smart Devices) Rules 2025. These new requirements are designed to ensure that internet-connected devices sold in Australia are secure by design and protected against common cyber threats.
The rules will come into effect on 4 March 2026, giving manufacturers and suppliers a transition period to ensure devices comply before being sold in the Australian market.
🚨 Why This Matters for the Security Industry
Connected devices such as IP cameras, smart alarms, routers, and access control systems are now part of everyday security infrastructure. Weak cyber security in these devices can allow attackers to:
• Access CCTV systems
• Control smart alarms or sensors
• Breach networks connected to security systems
• Use devices in botnet attacks
The new rules aim to ensure these devices are built with minimum security protections before they reach consumers.
📋 Key Mandatory Security Requirements
Under the new rules, manufacturers and suppliers must ensure smart devices include:
1️⃣ No Universal Default Passwords
Devices must not ship with shared default passwords. Each device must have a unique password or require the user to create one.
2️⃣ Vulnerability Reporting
Manufacturers must provide clear channels for reporting security vulnerabilities so cyber weaknesses can be fixed quickly.
3️⃣ Security Update Support Period
Manufacturers must declare how long the device will receive security updates to ensure ongoing protection.
4️⃣ Compliance Documentation
Suppliers must provide a statement of compliance confirming the device meets Australian cyber security standards.
🛡 What This Means for the Security Industry
For installers, integrators and security providers:
✔ Devices must meet minimum cyber security standards
✔ Manufacturers and suppliers must demonstrate compliance
✔ Cyber security will become part of security system compliance
This represents a major shift in the security sector, where physical security and cyber security are now tightly linked.
📢 SAIWA Industry Message
The Security Agents Institute of Western Australia (SAIWA) supports initiatives that strengthen the integrity and safety of security systems used across the community.
With the increasing use of connected CCTV, smart alarms and remote monitoring platforms, cyber security must be considered a core part of professional security practice.
📍 Key Takeaway
Security systems are no longer just physical protection — they are networked technology.
From 2026, devices used in security installations must meet national cyber security standards to protect businesses, consumers and critical infrastructure.
✔ Learn more:
https://www.homeaffairs.gov.au/about-us/our-portfolios/cyber-security/security-standards-for-smart-devices
The security industry must now consider cyber security as part of system compliance.
SAIWA supports stronger standards to protect businesses, consumers and the integrity of security systems.
👉 Learn more:
www.saiwa.com.au
