While the Internet of Things (IoT) has carved out a comfortable place for itself in todays society and markets, many still fear that the interconnectivity-driven phenomenon is extraordinarily vulnerable to outside attacks. A number of U.S. Senators believe they may have a solution to the problem, and have put forward the Internet of Things Cybersecurity Improvement Act of 2017.
What are the exact details of the text of the bill, and how does it intend to secure one of the most diverse and unregulated assets of the economy? What potential pitfalls stand in the bills way, and how much of a chance does it have of becoming law? An analysis of the IoT Act reveals that its a healthy step in the right direction, but it may not be enough.
As the strength and value of the IoT is driven by the proliferation of networked devices, it stands to reason that more and more digitally-connected gadgets could only be a good thing for it. Shoddy, non-patchable hardware has proven to be an incredible vulnerability for the IoT, however, and could cripple it in the future. One massive 2016 cyberattack exploited connected IoT devices for nefarious purposes, for instance.
The IoT Cybersecurity Improvement Act hopes to remedy this problem by reevaluating government procurement standards. Currently, many of the devices bought by government agencies come equipped with pre-installed passwords which cant be changed easily, and sometimes cant be changed at all. This serious security threat will be mitigated by the bill, which aims to enforce regulations which ensure all devices sold to the federal government are patchable.
The bill also prohibits vendors from selling devices which possess known vulnerabilities, and orders the Department of Homeland Security to work with industry officials to formulate clearer guidelines. These are all steps in the right direction, but may prove tricky to enforce, as the bills language regarding what constitutes an internet-connected device can be interpreted as being overly broad.
Uncertainty like that in a bill can be costly in the long run, driving up cost as courts must litigate over the tiny details in the bills language. Nonetheless, the frightening levels of vulnerability in the IoT, which is largely made up of un-patchable, relatively poorly-defended gadgets, necessitates a stricter approach to cybersecurity, which this bill attempts to provide.
The success of the IoT Cybersecurity Improvement Act will largely hinge upon whether the federal governments spending power is enough to solve the IoTs security dilemma. While the bill possesses some language that fosters increased government cooperation with private industry leaders, it may not be enough to persuade the broader market to take the IoTs cybersecurity more seriously.
IoT spending is already set to surpass $800 billion in 2017 alone, and could even rocket up to an astonishing $1.4 trillion by 2021. As the market for devices continues to grow, and global incomes rise, the IoT could be endangered if companies attempt to meet the staggering demand for IoT gadgets by lowering their security standards to optimize production.
A factsheet of the bill produced by one of its sponsoring senators even recognizes how challenging it may be for companies to meet some of its requirements, and notes that government employees could still buy non-compliant devices if they first receive permission from the Office of Management and Budget.
Regardless of what shortcomings the bill may possess, its incentivizing of manufacturers to produce better-secured devices will be invaluable in the years to come as the IoT continues to grow at a remarkable pace. Some parts of the bills language will be incredibly challenging to follow through on, such as its requirement that agencies inventory any and all IoT devices they use. To expect the government to accurately keep track of all internet-connected gadgets it uses could prove to be a pipe dream, but at very least such measures grant IoT security some of the respect and attention it desperately needs.
Some of the details of the bill could be misinterpreted and end up mitigating private researchers abilities to solve IoT security issues, but this too is unlikely, and could be solved with reasonable amendments and wise enforcement policies. Uncle Sams late arrival to the IoT cybersecurity scene could end up haunting the market for some time as hackers probe for opportunities, but should ultimately be welcomed as a new, more secure chapter in the IoTs story.
While it would be a serious stretch to say that U.S. lawmakers have permanently secured the internet, the IoT Cybersecurity Act of 2017 takes aim at the most egregious vulnerabilities that plague the market today. The only question that remains is whether the bill can gather enough support to pass, and whether it will inspire the private sector to crackdown on future breaches of internet security.
This article is published as part of the IDG Contributor Network. Want to Join?
Read the original here:
Can US lawmakers fix IoT security for good? – Network World
- Avast Internet Security Review 2018 - We Hate Malware - November 8th, 2018
- Security Packages | High-Speed Internet | Windstream - November 8th, 2018
- Antivirus vs Internet Security [Security Software Comparison] - November 8th, 2018
- Internet Security Lectures by Prabhaker Mateti - November 8th, 2018
- Vipre Internet Security 2016 Free Download - Softlay - November 8th, 2018
- Internet security software Reviews 2018 - Compared & Reviewed - November 2nd, 2018
- Exhibit A - Internet Security Requirements - November 2nd, 2018
- CIS Benchmarks - Center for Internet Security - November 2nd, 2018
- Kaspersky Internet Security 2018 Crack + License Key [Latest] - October 12th, 2018
- Zillya! Internet Security | Best Security Solution for Active ... - October 12th, 2018
- Download Norton Internet Security 22.214.171.124 - softpedia.com - October 9th, 2018
- Avast Internet Security 2018 Activation Code, Serial Key Till ... - October 9th, 2018
- Download Avast Internet Security 18.6.2349 Build 18.6.3983 ... - October 9th, 2018
- Download McAfee Internet Security 19.0 Build 19.0.4016 - October 3rd, 2018
- AVG Internet Security 2018 Free Download - FileHippo - October 3rd, 2018
- Internet Security - Quick Heal - October 3rd, 2018
- Kaspersky Internet Security 2019 v126.96.36.1998 | Software ... - October 3rd, 2018
- VIPRE Internet Security Review & Comparison - September 22nd, 2018
- Internet Security Suite | Verizon Internet - September 20th, 2018
- Antivirus Security Software & Internet Security - Newegg.com - September 19th, 2018
- Amazon Best Sellers: Best Internet Security Suites - September 7th, 2018
- Download Bitdefender Internet Security 2019 188.8.131.52 - August 24th, 2018
- Best (and Worst) Internet Security Software of 2018 for Windows - August 18th, 2018
- Amazon.com: Kaspersky Internet Security 2018 | 3 Device | 1 ... - August 8th, 2018
- AVG Internet Security - Free download and software reviews ... - August 3rd, 2018
- Top 3 Internet Security Software Suites Reviews ... - July 26th, 2018
- GRC | LeakTest -- Firewall Leakage Tester - July 26th, 2018
- Internet Security is an important part of Identity Theft ... - June 22nd, 2018
- V3 Internet Security | AhnLab - June 22nd, 2018
- Internet Security with Xfinity - Norton Security Online - June 17th, 2018
- Best Internet Security Software Compared - May 25th, 2018
- Computer and internet security software Chili Security - May 21st, 2018
- Internet Security Market Size, Share and Technology, 2021 - May 21st, 2018
- Center for Internet Security - Wikipedia - May 10th, 2018
- Download Webroot SecureAnywhere Antivirus & Internet ... - May 1st, 2018
- AVG Internet Security 2018 review | Ultimate antivirus ... - April 29th, 2018
- The Internet Security Academy - SAHCOM Technologies LLP - April 27th, 2018
- These files can't be opened. Your Internet security ... - April 20th, 2018
- How to Uninstall Norton Internet Security: 12 Steps - April 20th, 2018
- Internet Security Software at Office Depot OfficeMax - April 19th, 2018
- Why is Internet security important? | Reference.com - March 26th, 2018
- AVG Internet Security Unlimited 2018 18.2.3827 20% OFF ... - March 25th, 2018
- Trend Micro Titanium Internet Security - Download - March 21st, 2018
- Kaspersky Mobile Antivirus: AppLock & Web Security ... - March 21st, 2018
- Why do I Need Internet Security - The High Tech Society - March 21st, 2018
- Cincinnati Bell - Other Services Support - March 21st, 2018
- Internet Security Essentials for Business 2.0 | U.S ... - March 21st, 2018
- ESET Internet Security 10.0.386.0 Crack + License Keys ... - March 21st, 2018
- Privacy and Security in the Internet Age | WIRED - March 19th, 2018
- News & Events | K9 Web Protection - Free Internet Filter ... - March 19th, 2018
- 10 Internet Security Programs (for Windows), Ranked Best ... - March 7th, 2018
- AVG Internet Security 2015 Free Download - getintopc.com - March 3rd, 2018
- McAfee Internet Security Download - softpedia.com - February 28th, 2018
- COMODO Internet Security Download - softpedia.com - January 30th, 2018
- Best Internet Security Software 2018 - The best rated ... - January 28th, 2018
- Comodo Antivirus - Best Virus Removal Software 2018 - January 13th, 2018
- ZoneAlarm Antivirus Software | Virus Protection & Firewall - January 13th, 2018
- What Is the Meaning of Internet Security? | Techwalla.com - January 12th, 2018
- Download Avast Internet Security 17.7.2314 - FileHippo.com - January 12th, 2018
- Vipre Antivirus VIPRE Internet Security - January 12th, 2018
- AVG Internet Security 2018 License Key With Crack Full Version - January 8th, 2018
- CA Internet Security Suite Plus - Download - December 27th, 2017
- Collaborative Security: An approach to tackling Internet ... - December 27th, 2017
- Norton Internet Security - Download - December 20th, 2017
- Best Internet Security 2017 - Total Security Software for ... - December 20th, 2017
- Get the Best Internet Security Software of 2016! - December 20th, 2017
- Internet Security Administrator: Job Description and Requirements - December 19th, 2017
- Top 10 Cheap Antivirus and Internet Security Protection for ... - December 19th, 2017
- Download AVG Internet Security Unlimited - FileHippo.com - December 19th, 2017
- Norton Internet Security - softpedia.com - December 19th, 2017
- Internet Security - Cisco - December 19th, 2017
- Best Antivirus Software, Internet Security & Malware Removal - December 19th, 2017
- internet security | eBay - October 26th, 2017
- Avast Internet Security Download - softpedia.com - October 20th, 2017
- Internet Security Software | Trend Micro - October 3rd, 2017
- Lenovo Faces No Significant Penalty for Security-Destroying Superfish Debacle - ExtremeTech - September 7th, 2017
- 25% Upside Seen In Palo Alto, Argus Research Upgrades To Buy - Benzinga - September 5th, 2017
- How to: Your essential guide to internet security - PC Authority - September 5th, 2017
- Internet security startup founded by former CIA analyst raises $40 million - San Francisco Business Times - September 2nd, 2017
- CyberRehab's mission? To clean up the internet, one ASN block at a time - The Register - September 2nd, 2017