IoT Cybersecurity Improvement Act Calls for Deployment Standards
The News: A proposed federal bill seeks to develop security standards for all government-purchased internet-connected devices. The IoT Cybersecurity Improvement Act of 2019, co-sponsored by Reps. Robin Kelly (D-Ill) and Will Hurd (R-Texas), would require the National Institute of Standards and Technology (NIST), to issue guidelines for the secure development, configuration, and management of IoT devices. It would also require the federal government to comply with these guidelines. Read the full story at SearchSecurity.
Analyst Take: If the Internet of Things (IoT) has ever made you nervous about possible security issues, that’s good—that means you’re paying attention. We’ve been writing and speaking about the need for a security-first mindset in the development of all things IoT-device related for a long time now, so this proposed bill definitely got my attention.
What is the IoT Cybersecurity Improvement Act of 2019?
The main focus of the IoT Cybersecurity Improvement Act of 2019 is creating a set of security standards that all internet-ready devices purchased by the government would have to adhere to. Granted, this proposed bill is only meant to affect devices used by government officials right now, but it’s possible it could lead to standards that might eventually extend to all devices in the future. I’ll remain cautiously hopeful on that front.
Since the bill’s introduction last March, its co-sponsors and the bill’s proponents alike have expressed concerns about how quickly IoT-operated devices are brought to the market, often too fast to fully vet them to ensure there are no security issues. Obviously, this is a big issue for government officials, but many citizens also worry about it when using their own personal devices.
What’s the Status?
Both the House and Senate bills have been voted on and are one step closer to becoming reality. The House bill needs approval by one additional committee before heading to the House Floor, and the Senate bill has cleared and could be close to receiving a final vote on the Senate Floor. Jen Ellis over at Rapid7 has done an amazingly thorough job of analyzing these bills, their respective markups and progress through the House and Senate. If this is of interest to you, I highly recommend you check out her article.
This is a bill our team will watch closely, as cybersecurity understandably remains a top concern for businesses of all sizes across all industries. The Internet of Things, and IoT-connected devices present great opportunities for innovation and advancement, but there are inherent security risks that are part of the equation as well. If a bill of this nature ends up becoming law, this could easily reach beyond the federal government and impact IoT security into the private sector as well as, of course, the development of consumer devices. And that? That’s a very good thing.
Image credit: Skeeze from Pixabay
More Analysis from Futurum Research:
Massive GDPR Fines Mean Investors, Board Members, Rethink Cybersecurity
Paris Calling: Huawei Joins Paris Call to Bolster Global Cybersecurity — Will It Make a Difference?
FaceApp is a Giant Cybersecurity Risk: From Fun to Dangerous in an Instant
Futurum Research provides industry research and analysis. These columns are for educational purposes only and should not be considered in any way investment advice
Shelly Kramer is a Principal Analyst and Founding Partner at Futurum Research. A serial entrepreneur with a technology centric focus, she has worked alongside some of the world’s largest brands to embrace disruption and spur innovation, understand and address the realities of the connected customer, and help navigate the process of digital transformation. She brings 20 years' experience as a brand strategist to her work at Futurum, and has deep experience helping global companies with marketing challenges, GTM strategies, messaging development, and driving strategy and digital transformation for B2B brands across multiple verticals. Shelly's coverage areas include Collaboration/CX/SaaS, platforms, ESG, and Cybersecurity, as well as topics and trends related to the Future of Work, the transformation of the workplace and how people and technology are driving that transformation. A transplanted New Yorker, she has learned to love life in the Midwest, and has firsthand experience that some of the most innovative minds and most successful companies in the world also happen to live in “flyover country.”