Connected Devices Must Be More Secure

Internet of Things (IoT) solutions increasingly provide valuable data and insights that enhance the way we work and live, connecting cars and homes, and manufactured and consumer products. However, their connection to the network means that in many cases these devices and the industrial systems they connect to can be highly vulnerable to cyber attacks.  

Now, the US Congress has passed a substantial new cyber security bill which will significantly improve the security of  the IoT and with more 10 billion IoT devices in use today and more than 25 billion devices expected in the next five years, this is a major step forward.

The IoT Cybersecurity Improvement Act directs the US National lnstitute of Standards & Technology (NIST) to develop “minimum information security requirements for managing cybersecurity risks associated with such devices” and further requires NIST to take into account current standards and best practices in the marketplace.  he bill requires NIST to develop guidelines on how federal agencies should manage and resolve cybersecurity vulnerabilities in their IoT devices, as well as how contractors and subcontractors receive and disseminate information about such vulnerabilities. 

The measure, which was passed in the US Senate by unanimous consent at the end of November and is pending Presidential signature, will establish baseline security requirements for IoT manufacturers and require contractors to implement vulnerability disclosure policies. 

Companies may choose not to comply with the requirements, so unsafe products may still be on the market, but there will be a series of basic industry standards that consumers can refer to when comparing devices and security offerings. States, like California and Oregon, have already developed some similar legislation, but the passage of a law at the federal level is a strong incentive to create industry standards. 

US Congress:         Federal News Network:       Cyberscoop:      ASIS Online:      I-HLS:          Forbes:

You Might Also Read:

Finland Has A Cyber Security Standard For IoT:

 

« Maritime Cyber Security Goes Critical
Successful Hack On EU Vaccine Agency »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

WEBINAR: How To Build And Implement An Effective Endpoint Detection And Response Strategy

WEBINAR: How To Build And Implement An Effective Endpoint Detection And Response Strategy

Join this webinar to learn how the cloud threat landscape is evolving and organizations are deploying more advanced and capable security controls at scale.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

MIS Training Institute (MISTI)

MIS Training Institute (MISTI)

MISTI is the international leader in audit and information security training, with offices in the US and London.

evoila

evoila

evoila GmbH is one of the leading providers in consulting, analysis, implementation and management of cloud infrastructure.

Clusit

Clusit

Clusit is the Italian Association for Information Security, a nonprofit organization devoted to promoting every aspect of information security.

Computer & Communications Industry Association (CCIA)

Computer & Communications Industry Association (CCIA)

CCIA supports efforts to facilitate and streamline information sharing on cyber threats between the private sector and the Federal Government.

Cyber Security Specialists

Cyber Security Specialists

Cyber Security Specialists Limited provide Security services across a wide range of markets, from multi-national Corporate Organisations and Government Agencies, through to smaller Businesses.

LSoft Technologies

LSoft Technologies

LSoft Technologies is a leader in data recovery software technologies.

Nova Leah

Nova Leah

Nova Leah helps connected medical device manufacturers meet cybersecurity compliance requirements throughout the entire product lifecycle.

FraudWatch International

FraudWatch International

FraudWatch has been protecting client brands around the world since 2003, and are the leaders in online brand protection from phishing, malware, social media and mobile apps impersonation.

MetaCert

MetaCert

MetaCert’s Zero Trust browser software reduces the risk of organizations being compromised with a phishing-led cyberattack by more than 98%.

Silent Sector

Silent Sector

Silent Sector is a cybersecurity services company that specializes in providing a wide range of managed security services.

4Securitas

4Securitas

4Securitas is an innovative cyber security firm focused on protecting critical data at the core of every organisation.

Seccuri

Seccuri

Seccuri is a unique global cybersecurity talent tech platform. Use our specialized AI algorithm to grow and improve the cybersecurity workforce.

AutoRABIT

AutoRABIT

AutoRABIT provides DevSecOps tools built specifically for Salesforce developers to increase release velocity, produce consistently high-quality code, and enhance data security.

Softwerx

Softwerx

Softwerx is the UK’s leading Microsoft cloud security practice. We’ve been helping forward-thinking companies better secure their businesses for nearly twenty years.

PagerDuty

PagerDuty

PagerDuty is the central nervous system for a company’s digital operations. We identify issues in real-time and bring together the right people to respond to problems faster.

AArete

AArete

AArete is a global management and technology consulting firm specializing in strategic profitability improvement, digital transformation, and advisory services.