Congress Looks into Cybersecurity Standards for IoT Devices

Posted Date 10/13/17

Congress is looking into ways to ensure the security of federally procured electronic devices as part of ongoing legislative work on the Internet of Things  (IoT) Cybersecurity Improvement Act that Senator Mark Warner introduced in August.

In the House, Rep. Robin Kelly introduced companion legislation that will seek to build on the Senate bill and set up more basic safety requirements for federal devices, which include security cameras, webcams, smart TVs, and others that federal agencies use. Although this use is not very wide at the moment, it is growing.

Among the proposed requirements in the two bills are making sure the federally procured IoT devices can receive security patches, that they do not possess any known vulnerabilities, and that they do not feature embedded passwords that cannot be changed.

Unfortunately, the task is a hard one. The chair of the House IT committee Rep. Will Hurd, for example, said that for now, there are more questions than answers about the cybersecurity of IoT devices. Also, it’s a broad area, which makes building a functioning regulatory framework very challenging.

Legislators have enlisted the help of security experts in this endeavor. One of these, Matthew Eggers from the national Security and Emergency Preparedness Department at the Chamber of Commerce, put it simply: there is no silver bullet when it comes to cybersecurity. He also said the definition that lawmakers had given IoT devices was too broad to work.

Another expert, Ray O’Farrell, CTO of VMWare, told Morning Consult that both the business world and federal agencies need to get used to what he called cyber hygiene. Encryption, multi-factor authentication, and patching are some elements of this routine.

Posted in Security | Tagged

Copyright © 2012 Recharge Asia Corp. All Rights Reserved. Terms under which this service is provided to you.
京公网安备: 11010802008822 号    京ICP 证 09052955