Last updated on October 4, 2025
NO (heading to required controls) — Australia’s 2023–2030 Cyber Security Strategy and associated consultation materials explicitly propose legislative reforms aimed at raising baseline security across the economy, including secure-by-design standards for IoT devices, mandatory ransomware reporting and stronger rules for critical infrastructure. While consultation/implementation timetables vary, the government’s official strategy and consultation papers make clear regulators and law-makers are moving to limit the sale of very low-security IoT at scale and to introduce standards or codes to lift minimum security requirements. So selling large volumes of completely insecure IoT hardware is increasingly inconsistent with official Australian policy and future regulation.
https://www.homeaffairs.gov.au/cyber-security-subsite/files/2023-cyber-security-strategy.pdf
11/14/2023