Global Regulatory Intelligence

Access comprehensive worldwide regulatory data

Singapore

Certification Process Labelling Testing SRD WLAN 2.4 GHz 5.1 GHz (U-NII-1) 5.2 GHz (U-NII-2a) 5.4 GHz (U-NII-2c) 5.8 GHz (U-NII-3) 60 GHz In Force

Cybersecurity Labelling Requirements for Residential Routers

The Cyber Security Agency of Singapore is upgrading mandatory cybersecurity requirements for residential routers from CLS Level 1 to Level 2. This transition, expected by the end of 2027, mandates enhanced security measures including secure communications and robust data storage.

Type

Application Process Regulation

Last Updated

01-APR-26

Cybersecurity Labelling Requirements for Residential Routers

The Cyber Security Agency of Singapore (CSA), in collaboration with the Infocomm Media Development Authority (IMDA), oversees the cybersecurity standards for Internet-of-Things (IoT) devices. This includes the mandatory Cybersecurity Labelling Scheme (CLS) for residential routers sold in Singapore.

Regulatory Update and Transition

The Singapore government has announced an upgrade to the mandatory cybersecurity requirements for residential routers. The requirement will transition from CLS Level 1 to CLS Level 2. This modification is intended to address sophisticated cyber threats targeting encryption, authentication, and data storage.

Effective Date: The new requirements are expected to come into force by the end of 2027.

Scope: All residential routers intended for sale in the Singapore market.

Requirements for Testing and Conformity

To obtain certification and the corresponding CLS label, devices must undergo assessment based on the tiered labelling system. Manufacturers must ensure routers meet the following criteria:

Level 1 (Existing Requirements): Includes unique default passwords, active vulnerability management processes, and provision of regular software updates.

Level 2 (Upcoming Mandatory Requirements): In addition to Level 1 criteria, devices must incorporate:

Secure communications protocols.

Secure storage of sensitive data.

Robust authentication mechanisms to protect user data and privacy.

Application and Submission

Manufacturers must apply through the CSA to have their products rated and labeled under the tiered system. While Level 1 is currently the baseline for market entry, manufacturers are encouraged to begin aligning production with Level 2 standards ahead of the 2027 deadline. The process involves demonstrating that the device meets the technical security measures defined by the CSA.

Contact Information

For further information on the Cybersecurity Labelling Scheme and submission procedures, manufacturers may contact the relevant authorities:

Regulatory Body: Cyber Security Agency of Singapore (CSA).

Collaboration Partner: Infocomm Media Development Authority (IMDA).

Online Resources: The CSA Internet Hygiene Portal and official press releases for updated technical guidelines.

Key Dates

December 31, 2027

Date of Entry into Force

The new CLS Level 2 requirements are expected to come into force by the end of 2027.

Stay Ahead of Regulatory Changes

Get full access to our comprehensive database of global regulations, real-time updates, and expert analysis.

Global Regulatory Intelligence

Cybersecurity Labelling Requirements for Residential Routers

Type

Last Updated

Related Documents

Government to Raise Cybersecurity Labelling Requirements for Residential Routers

Cybersecurity Labelling Requirements for Residential Routers

Key Dates

Stay Ahead of Regulatory Changes