Enhancing Confidence Among the Ecosystem and Consumers: A Conversation with Tuya Smart’s Joy Liu
In our interview, we sat down with Joy Liu, the Chief Information and Security Officer at Tuya Smart. In this discussion, Joy delves into the dynamics of the rapidly evolving world of connected devices including not only the rise of consumer demand but also higher expectations for product customization and privacy protection.
Joy provides valuable insights into the true potential of the IoT landscape and talks on how Tuya Smart is navigating the complexities such as inconsistent specifications and standards and maintaining security on large-scale IoT. Join us as we explore the challenges and opportunities that are shaping the future of IoT security and compliance.
Q1. What are some of the greatest pressures facing your sector?
The popularization of the Internet of Things faces many pressures and challenges.
Firstly, with the continuous implementation of the IoT on a large scale, security incidents occur frequently, making data security and privacy protection core issues and important challenges that the industry needs to address.
Secondly, many current smart products are designed to be smart for the sake of being smart. They fail to proactively identify and meet the users’ needs in terms of human-computer interaction and convenience, leaving room for improvement in user experience.
Lastly, the industry lacks consistent specifications and standards, resulting in isolated brands or platforms in different industries and different smart products, making it difficult to achieve interconnection and interoperability.
Q2. In your opinion, how do regulations, time-to-market, and security interact, and impact innovation?
The interaction between regulations, time-to-market, and security has a significant impact on innovation. The establishment of compliance requirements and security standards can protect user data and privacy, providing a stable and trustworthy environment for businesses. However, in some industries, the process of formulating, complying with, and proving compliance can take time and resources, which may result in delays in product time-to-market. Nonetheless, security and compliance are the foundation for sustainable innovation and user trust, and should not be overlooked. We need to balance innovation and compliance while ensuring the safety and market compliance of products.
In summary, regulations set the boundaries that should never be crossed, while security needs to be considered in conjunction with product features, use cases, planning, and costs, based on compliance requirements. Security requirements and baselines should be established and implemented through a comprehensive evaluation. Time-to-market, on the other hand, is primarily driven by business considerations and should only be addressed once regulatory and security requirements are met.
Q3. How have you seen customer/consumer demand change over time in your industry?
With the continuous development of technology, there have been significant changes in customer and consumer demands in the Internet of Things industry. They have an increasing demand for connected devices, hoping to enjoy a more secure, smarter, and more convenient life and work experience. Consumers also have higher expectations for product customization, data security, and privacy protection. We need to constantly understand market demands and adapt quickly to ensure that we meet customer expectations.
Q4. What can we do collectively to enhance trust in the ecosystem, and among consumers more widely?
To enhance trust among the ecosystem and consumers, we can take the following measures:
- Strengthen data security and privacy protection measures to ensure that user data is not abused or leaked
- Provide transparent and clear user agreements and privacy policies, enabling users to understand clearly how their personal information is handled.
- Actively adopt security and encryption technologies to ensure the security and reliability of connected devices.
- Proactively disclose security and risks, enhancing user trust in products and services.
- Establish industry standards and compliance frameworks to promote healthy competition and regulatory development. We’re pleased to have recently achieved PSA Certified Level 1, which is a measurement of security best practice, and helps us demonstrate our security credentials to our customers.
By implementing these measures, we can collectively enhance the reliability of the ecosystem and foster user trust.
Q5. What excites you most about the future of connected devices?
The Internet of Things has the potential to bring endless possibilities to various industries. These smart devices will also improve our lives and work by providing smarter and more convenient experiences. Whether it’s smart homes, smart healthcare, smart transportation, or smart industries, the development of smart devices will create more innovation and convenience for us.
About Joy Liu
Joy Liu, the CISO and head of information security at Tuya Smart, is responsible for overseeing the development of Tuya Smart’s information security and compliance system. With a background that includes working at NSFOCUS Technology, Baidu, and other renowned companies, Joy Liu has been involved in numerous large-scale enterprise security services and construction projects. With over 10 years of experience in the security industry, Joy Liu has consistently focused on enterprise information security construction and IoT security research. Joy Liu has played a leading role or actively contributed to the development of multiple IoT-related standards and holds several invention patents. Under Joy Liu’s leadership, Tuya Smart has emerged as an industry leader in the field of IoT information security.