A legislation was recently introduced to the U.S. Senate and House of Representatives to improve the cybersecurity of Internet-of-Things devices. The Bipartisan legislation, the Internet of Things (IoT) Cybersecurity Improvement Act of 2019, is intended to make sure that the devices purchased by the U.S. government meet minimum security requirements.
The latest bill, which was introduced by U.S. Sens. Mark R. Warner and Cory Gardner, co-chairs of the Senate Cybersecurity Caucus, along with Sens. Maggie Hassan and Steve Daines, mandates the U.S. National Institute of Standards and Technology to create recommendations to address cybersecurity issues and release guidelines for government agencies that align with the NIST recommendations.
The IoT Cybersecurity Improvement Act of 2019 also directs NIST to work with cybersecurity researchers and industry experts to publish guidance on coordinated vulnerability disclosure to ensure that vulnerabilities related to agency devices are addressed, Augusta Free Press reported.
“While I’m excited about their life-changing potential, I’m also concerned that many IoT devices are being sold without appropriate safeguards and protections in place, with the device market prioritizing convenience and price over security. This legislation will use the purchasing power of the federal government to establish some minimum-security standards for IoT devices,” said Sen. Warner, a former technology entrepreneur and executive and Vice Chairman of the Senate Select Committee on Intelligence.
“The Internet of Things (IoT) landscape continues to expand, with most experts expecting tens of billions of devices to be operating on our networks within the next several years. As these devices continue to transform our society and add countless new entry points into our networks, we need to make sure they are secure, particularly when they are integrated into the federal government’s networks. As co-chairs of the Senate Cybersecurity Caucus, Senator Warner and I remain committed to advancing our nation’s cybersecurity defenses,” said Sen. Gardner.
In 2018, the security experts from Edinburgh Napier University and U.S. electronics manufacturer Keysight Technologies stated that they’re working on a new project to assess the vulnerabilities of the Internet of Things (IoT) devices to cyber-attacks. The 12-month project maintained by the Innovation Centre for Sensor and Imaging Systems (Censis) will use data analytics to create an outline for manufacturers to estimate the risks associated with different IoT devices.