Connected Devices Must Be More Secure

Uploaded on 2020-12-10 in TECHNOLOGY-Key Areas-Internet of Things, TECHNOLOGY--Developments, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law

Internet of Things (IoT) solutions increasingly provide valuable data and insights that enhance the way we work and live, connecting cars and homes, and manufactured and consumer products. However, their connection to the network means that in many cases these devices and the industrial systems they connect to can be highly vulnerable to cyber attacks.  

Now, the US Congress has passed a substantial new cyber security bill which will significantly improve the security of the IoT and with more 10 billion IoT devices in use today and more than 25 billion devices expected in the next five years, this is a major step forward.

The IoT Cybersecurity Improvement Act directs the US National lnstitute of Standards & Technology (NIST) to develop “minimum information security requirements for managing cybersecurity risks associated with such devices” and further requires NIST to take into account current standards and best practices in the marketplace.  he bill requires NIST to develop guidelines on how federal agencies should manage and resolve cybersecurity vulnerabilities in their IoT devices, as well as how contractors and subcontractors receive and disseminate information about such vulnerabilities. 

The measure, which was passed in the US Senate by unanimous consent at the end of November and is pending Presidential signature, will establish baseline security requirements for IoT manufacturers and require contractors to implement vulnerability disclosure policies. 

Companies may choose not to comply with the requirements, so unsafe products may still be on the market, but there will be a series of basic industry standards that consumers can refer to when comparing devices and security offerings. States, like California and Oregon, have already developed some similar legislation, but the passage of a law at the federal level is a strong incentive to create industry standards. 

US Congress:         Federal News Network:       Cyberscoop:      ASIS Online:      I-HLS:          Forbes:

You Might Also Read:

Finland Has A Cyber Security Standard For IoT:

 

« Maritime Cyber Security Goes Critical
Successful Hack On EU Vaccine Agency »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DataGuidance

DataGuidance

DataGuidance is a platform used by privacy professionals to monitor regulatory developments, mitigate risk and achieve global compliance.

Information Security Systems (ISSCOM)

Information Security Systems (ISSCOM)

ISSCOM provide services to help companies implement Information Security Management Systems (ISMS) by providing consultancy and hands-on assistance.

RSA Security

RSA Security

RSA provide cybersecurity products for Threat Detection and Response, Identity and Access Management, Governance, Risk and Compliance, and Fraud Prevention.

Kaseya

Kaseya

Kaseya is a premier provider of unified IT management and security software for managed service providers (MSPs) and small to medium-sized businesses (SMBS).

France Cybersecurity

France Cybersecurity

France Cybersecurity represents the French cybersecurity industry to raise international awareness of French cybersecurity capabilities and solutions.

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute is an independent non-governmental organization that focuses on research and analysis of security challenges including defence and cyber security.

Claranet

Claranet

Claranet are experts in modernising and running critical applications and infrastructure through end-to-end professional services, managed services and training.

BeDefended

BeDefended

BeDefended is an Italian company operating in IT Security and specialized in Cloud and Application Security with years of experience in penetration testing, consulting, training, and research.

CYSEC SA

CYSEC SA

Cysec is equipped to deliver agile security solutions for the most challenging IT infrastructures around the world.

Green House Data

Green House Data

Green House Data is a managed services provider delivering hybrid solutions to enterprises who need secure IT environments and efficient management of their critical applications and business data.

FireCompass

FireCompass

FireCompass SAAS platform helps CISOs & Security Teams in continuous risk assessment by mapping your attack surface and knowing the “unknown unknowns”.

SDG Corp

SDG Corp

SDG is a global cybersecurity, identity governance, risk consulting and advisory firm, addressing complex security, compliance and technology needs.

Herzing College

Herzing College

Herzing College Ottawa offers an accelerated 12-month Cybersecurity Specialist training program. This program is developed by industry experts and based on leading IT security certifications.

RubinBrown

RubinBrown

RubinBrown LLP is a leading accounting and professional consulting firm. The RubinBrown name and reputation are synonymous with experience, integrity and value.

HLB Mann Judd (Fiji)

HLB Mann Judd (Fiji)

HLB Mann Judd (Fiji) (formerly known as HLB Crosbie & Associates) is a well-established firm of accountants and business advisers in Fiji.

ARGOS Cloud Security

ARGOS Cloud Security

ARGOS aims to simplify and strengthen cloud security, by creating a visual map of security vulnerabilities, to your priceless information stored in any cloud provider environment.