Advancing Global Cybersecurity: Tuya Smart Shares Industry-Leading IoT Security Practices at Cyber Norms Forum

WASHINGTON, July 27, 2023 /PRNewswire/ — Tuya Smart (NYSE: TUYA, HKEX: 2391), a global IoT developer service provider, today shared its extensive cybersecurity approaches at a cyber norms forum hosted by the Research Center for Global Cyberspace Governance (RCGCG) with the aim of securing rapidly advancing tech frontiers.

With the theme “Cyber Norms: Legal, Policy & Industry Perspectives”, the event assembled a team of cyberspace and international relations experts from institutions, organizations and companies such as Massachusetts Institute of Technology, U.S.-China Business Council, Hathaway Global Strategies LLC and Tuya Smart. The attendees discussed the current cybersecurity landscape, norms for emerging technologies and how the private sector can best combat cyber risks.

The experts acknowledged the existing fragmentation in the cyber norm ecosystem. However, rather than viewing it as detrimental, participants saw this as an opportunity to broaden the base of stakeholders and deepen understanding of normative expectations within relevant communities.

“The forum plays a vital role in promoting international cooperation in developing cyber norms,” said Professor Lu Chuanying, Secretary General of RCGCG. “It’s vital to bring together diverse perspectives, particularly in the face of rising geopolitical tensions that spike cybersecurity risks.”

Private-sector representatives at the event echoed this sentiment, recognizing collaboration is critical, and the time is now to enhance cyber norms and remove obstacles that are stifling mutual confidence.

Tuya Smart outlined its holistic approach to cybersecurity leadership at the forum. The company was recognized as an exemplar for its cybersecurity best practices in the 2022 Global IoT Security White Paper, jointly prepared by RCGCG and ioXt, the global standard for IoT security. (The paper is available at https://www.ioxtalliance.org/content-and-resources)

As a showcase of key initiatives, Tuya displayed a range of actions from acquiring international third-party security certifications, to the formation of the Tuya Security Team, and the establishment of six data centers globally which can provide rapid response and stability for customers around the world.

Tuya said it fully embraces and supports the 12 initiatives to safeguard global IoT security proposed by RCGCG and ioXt, and national-level security standards, such as the U.S. cybersecurity labeling program and China’s Global Initiative on Data Security. These crucial standards act as a bulwark against the fragmentation of IoT cybersecurity standards and help differentiate trustworthy products in the marketplace.

“As the digital realm expands and new technologies increase connectivity, IoT security is becoming more critical,” said Jemma Shi, Tuya Privacy and Compliance Director. “Committed to boosting IoT security and improving user experience for smart device consumers, Tuya adds value to the collective goal of fortifying cyber defense. Our commitment to high security standards has been recognized internationally, and we’re looking to work with partners worldwide to build a safe, open and resilient IoT ecosystem.”

As demand for data privacy and transparency continues to rise, Tuya’s emphasis on compliance and security is more vital than ever.

On the global compliance front, Tuya has proven its maturity in cybersecurity and data protection through Ernst & Young’s SOC 2 Audit program. In meeting regional standards, Tuya has earned TrustArc’s validations for GDPR and CCPA compliance. In terms of product safety, Tuya has demonstrated commitment by securing TÜV SÜD’s EN 303645 and NIST IR 8259A certifications.

Discussions at the forum also touched on concerns about potential data sharing by Chinese companies with Chinese authorities. Professor Lu pointed to China’s Global Initiative on Data Security, which highlights China’s commitment to respecting the data sovereignty, jurisdiction, and governance of other countries, and not asking companies to transfer data obtained overseas in violation of other countries’ laws.

“The creation of global data security rules rests on the involvement of all stakeholders,” Professor Lu noted. “Such rules should reflect the wishes of all nations and respect the interests of all parties. Only then can we build a fair and secure digital ecosystem.”