Internet of Things Security Bill To Establish Security Standards Mandatory for Government
The US Senate has unanimously passed the IoT Cybersecurity Improvement Act. The bill will require that Internet of Things (IoT) devices purchased by the federal government meet certain cybersecurity standards which will be set by the National Institute of Standards and Technology (NIST). Agencies will also need to establish vulnerability disclosure processes for IoT devices. The House of Representatives passed the bill in September.
While not yet law, having standards for IoT security will give us a baseline to hold manufacturers accountable, as well as aid in measuring the security, and possible certification, of current and future devices. Note that USG agencies will not be permitted to purchase devices not compliant with the standards once established.