Connected Devices Must Be More Secure

Internet of Things (IoT) solutions increasingly provide valuable data and insights that enhance the way we work and live, connecting cars and homes, and manufactured and consumer products. However, their connection to the network means that in many cases these devices and the industrial systems they connect to can be highly vulnerable to cyber attacks.  

Now, the US Congress has passed a substantial new cyber security bill which will significantly improve the security of  the IoT and with more 10 billion IoT devices in use today and more than 25 billion devices expected in the next five years, this is a major step forward.

The IoT Cybersecurity Improvement Act directs the US National lnstitute of Standards & Technology (NIST) to develop “minimum information security requirements for managing cybersecurity risks associated with such devices” and further requires NIST to take into account current standards and best practices in the marketplace.  he bill requires NIST to develop guidelines on how federal agencies should manage and resolve cybersecurity vulnerabilities in their IoT devices, as well as how contractors and subcontractors receive and disseminate information about such vulnerabilities. 

The measure, which was passed in the US Senate by unanimous consent at the end of November and is pending Presidential signature, will establish baseline security requirements for IoT manufacturers and require contractors to implement vulnerability disclosure policies. 

Companies may choose not to comply with the requirements, so unsafe products may still be on the market, but there will be a series of basic industry standards that consumers can refer to when comparing devices and security offerings. States, like California and Oregon, have already developed some similar legislation, but the passage of a law at the federal level is a strong incentive to create industry standards. 

US Congress:         Federal News Network:       Cyberscoop:      ASIS Online:      I-HLS:          Forbes:

You Might Also Read:

Finland Has A Cyber Security Standard For IoT:

 

« Maritime Cyber Security Goes Critical
Successful Hack On EU Vaccine Agency »

Quartz Conference
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / Zero Trust Network Access Guide

Perimeter 81 / Zero Trust Network Access Guide

Curious how you can Implement a Zero Trust roadmap with insights from Gartner? Download this free report for a limited time only.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

International Association for Cryptologic Research (IACR)

International Association for Cryptologic Research (IACR)

(IACR is a non-profit scientific organization whose purpose is to further research in cryptology and related fields.

Mega

Mega

Mega is a secure cloud data storage provider with browser-based high-performance end-to-end encryption.

S2 Grupo

S2 Grupo

S2 Grupo is the benchmark company in Europe and Latin America, for Cyber Intelligence and mission critical systems operations.

SBS CyberSecurity

SBS CyberSecurity

SBS CyberSecurity is a premier cybersecurity consulting and audit firm.

CalCom

CalCom

CalCom Hardening Solution (CHS) for Microsoft OMS is a security baseline-hardening solution designed to address the needs of IT operations and security teams.

NuData Security

NuData Security

NuData Security, A Mastercard Company, is an award winning behavioral biometrics company.

Online Business Systems

Online Business Systems

Online Business Systems is an information technology and business consultancy. We design improved business processes enabled with robust and secure information systems.

BeDefended

BeDefended

BeDefended is an Italian company operating in IT Security and specialized in Cloud and Application Security with years of experience in penetration testing, consulting, training, and research.

DeuZert

DeuZert

DeuZert is an accredited German certification body in accordance with ISO/IEC 27001 (Information Security Management).

Swiss Accreditation Service (SAS)

Swiss Accreditation Service (SAS)

SAS is the national accreditation body for Switzerland. The directory of members provides details of organisations offering certification services for ISO 27001.

SensorHound

SensorHound

SensorHound’s mission is to improve the security and reliability of the Internet of Things (IoT).

Sevonix

Sevonix

Sevonix is a professional services organization specializing in offering best in class technology implementation and information security consulting services.

Berezha Security Group (BSG)

Berezha Security Group (BSG)

BSG is a cybersecurity consulting firm specializing in all aspects of application security and penetration testing.

MTI

MTI

MTI is a solutions and service provider, specialising in data & cyber security, datacentre modernisation, modern workplace, IT managed services and IT transformation services.

Persona

Persona

At Persona, we’re humanizing online identity by helping companies verify that their users are who they say they are.

Apex Systems

Apex Systems

Apex Systems is a world-class technology services business that incorporates industry insights and experience to deliver solutions that fulfill our clients’ digital visions.