Singapore, Japan: Mutual Recognition of IoT Cybersecurity Labelling Schemes

The explosion of connected devices has outpaced the development of consistent security standards, leaving consumers vulnerable and regulators scrambling. Around the world, governments are introducing voluntary or mandatory labeling schemes that rate a product’s cyber‑defence capabilities, much like energy‑efficiency labels for appliances. Singapore’s Cybersecurity Labelling Scheme (CLS), launched in 2020, assigns one to four stars based on testing rigor, while Japan’s Cyber STAR (JC‑STAR) follows a similar tiered approach. These frameworks aim to make security transparent, encourage manufacturers to embed stronger safeguards, and build trust in the burgeoning Internet‑of‑Things market.

The new Memorandum of Cooperation, effective 1 June 2026, creates a two‑way bridge between CLS and JC‑STAR, allowing a device certified in one jurisdiction to obtain the counterpart label through a streamlined process. For manufacturers, this eliminates duplicate testing, cuts time‑to‑market, and reduces compliance expenses, especially for products such as smart speakers, home‑automation hubs and IoT gateways that are sold across the Asia‑Pacific region. By recognizing each other’s assessments, Singapore and Japan also signal to global suppliers that meeting either set of criteria is sufficient to access both markets.

Japan becomes the fifth country to sign a mutual‑recognition pact with Singapore, joining Finland, Germany, South Korea and the United Kingdom in a growing network of aligned cyber‑resilience policies. This collaborative model could accelerate the emergence of a de‑facto international standard for IoT security, prompting other economies to adopt similar agreements or converge on a unified labeling framework. While harmonisation eases regulatory burdens, it also raises questions about oversight consistency and the ability to update standards quickly in response to emerging threats. Nonetheless, the partnership marks a significant step toward a more secure, interoperable digital ecosystem.