Connected Devices Must Be More Secure
Internet of Things (IoT) solutions increasingly provide valuable data and insights that enhance the way we work and live, connecting cars and homes, and manufactured and consumer products. However, their connection to the network means that in many cases these devices and the industrial systems they connect to can be highly vulnerable to cyber attacks.
Now, the US Congress has passed a substantial new cyber security bill which will significantly improve the security of the IoT and with more 10 billion IoT devices in use today and more than 25 billion devices expected in the next five years, this is a major step forward.
The IoT Cybersecurity Improvement Act directs the US National lnstitute of Standards & Technology (NIST) to develop “minimum information security requirements for managing cybersecurity risks associated with such devices” and further requires NIST to take into account current standards and best practices in the marketplace. he bill requires NIST to develop guidelines on how federal agencies should manage and resolve cybersecurity vulnerabilities in their IoT devices, as well as how contractors and subcontractors receive and disseminate information about such vulnerabilities.
The measure, which was passed in the US Senate by unanimous consent at the end of November and is pending Presidential signature, will establish baseline security requirements for IoT manufacturers and require contractors to implement vulnerability disclosure policies.
Companies may choose not to comply with the requirements, so unsafe products may still be on the market, but there will be a series of basic industry standards that consumers can refer to when comparing devices and security offerings. States, like California and Oregon, have already developed some similar legislation, but the passage of a law at the federal level is a strong incentive to create industry standards.
US Congress: Federal News Network: Cyberscoop: ASIS Online: I-HLS: Forbes:
You Might Also Read:
Finland Has A Cyber Security Standard For IoT: