Regular readers of this blog are certainly no stranger to the Internet of Things (IoT), where it’s going, and the potential standards-related issues that it will face in the future. And, it seems, those in the United States government are also acknowledging the critical need for standards in this area.
Homes are becoming increasingly “smarter” with the advent of new IoT devices. IoT devices can be anything from HVAC systems that change based on the time of day to a refrigerator that tells you when you’re low on milk – and where milk is on sale. While the concept of these types of intelligent devices that not only talk to the internet but also to each other sounds amazing, there are also new vulnerabilities that arise with the technology.
By allowing the internet into our lives through more than just computers and cell phones, we are also allowing more risk. And that’s where some members of the US Congress are stepping in. According to a recent article in Forbes:
“The question of cybersecurity on the internet of things is too huge an issue to address all at once. Senators working across two different parties are now working together to focus public attention on one of the most important aspects of this situation. It is the question of establishing proper security standards for the sale of IoT devices meant for use by government agencies. Senators Cory Gardner, Steve Daines, Mark Warner and Ron Wyden have sponsored a new legislation known as The Internet of Things Cybersecurity Act of 2017, which, among other things, aims to establish realistic standards with respect to security in connected devices sold to the federal government.”
This activity serves to even further underscore the need for established standards in this space to protect both innovation and security of the end user. These standards should, in our opinion, be shaped by adherence to the principles of the Modern Paradigm for Standards.
While the bill isn’t a cure-all to fix the issues of cyber security in IoT, it does, as the article says, go only so far as any legislation can go in the matter of security. “Security in the cyberworld is an ever-evolving term, one that requires constant and dedicated research impossible to be captured in pen and paper. The legislation in concern is not much of a safeguard in itself, but it is important inasmuch as it serves to bear evidence to the government’s growing concern for cybersecurity in the wake of an exceedingly large number of cyberattacks.”
What are your thoughts on this new legislative effort?