While the Internet of Things (IoT) has carved out a comfortable place for itself in todays society and markets, many still fear that the interconnectivity-driven phenomenon is extraordinarily vulnerable to outside attacks. A number of U.S. Senators believe they may have a solution to the problem, and have put forward the Internet of Things Cybersecurity Improvement Act of 2017.
What are the exact details of the text of the bill, and how does it intend to secure one of the most diverse and unregulated assets of the economy? What potential pitfalls stand in the bills way, and how much of a chance does it have of becoming law? An analysis of the IoT Act reveals that its a healthy step in the right direction, but it may not be enough.
As the strength and value of the IoT is driven by the proliferation of networked devices, it stands to reason that more and more digitally-connected gadgets could only be a good thing for it. Shoddy, non-patchable hardware has proven to be an incredible vulnerability for the IoT, however, and could cripple it in the future. One massive 2016 cyberattack exploited connected IoT devices for nefarious purposes, for instance.
The IoT Cybersecurity Improvement Act hopes to remedy this problem by reevaluating government procurement standards. Currently, many of the devices bought by government agencies come equipped with pre-installed passwords which cant be changed easily, and sometimes cant be changed at all. This serious security threat will be mitigated by the bill, which aims to enforce regulations which ensure all devices sold to the federal government are patchable.
The bill also prohibits vendors from selling devices which possess known vulnerabilities, and orders the Department of Homeland Security to work with industry officials to formulate clearer guidelines. These are all steps in the right direction, but may prove tricky to enforce, as the bills language regarding what constitutes an internet-connected device can be interpreted as being overly broad.
Uncertainty like that in a bill can be costly in the long run, driving up cost as courts must litigate over the tiny details in the bills language. Nonetheless, the frightening levels of vulnerability in the IoT, which is largely made up of un-patchable, relatively poorly-defended gadgets, necessitates a stricter approach to cybersecurity, which this bill attempts to provide.
The success of the IoT Cybersecurity Improvement Act will largely hinge upon whether the federal governments spending power is enough to solve the IoTs security dilemma. While the bill possesses some language that fosters increased government cooperation with private industry leaders, it may not be enough to persuade the broader market to take the IoTs cybersecurity more seriously.
IoT spending is already set to surpass $800 billion in 2017 alone, and could even rocket up to an astonishing $1.4 trillion by 2021. As the market for devices continues to grow, and global incomes rise, the IoT could be endangered if companies attempt to meet the staggering demand for IoT gadgets by lowering their security standards to optimize production.
A factsheet of the bill produced by one of its sponsoring senators even recognizes how challenging it may be for companies to meet some of its requirements, and notes that government employees could still buy non-compliant devices if they first receive permission from the Office of Management and Budget.
Regardless of what shortcomings the bill may possess, its incentivizing of manufacturers to produce better-secured devices will be invaluable in the years to come as the IoT continues to grow at a remarkable pace. Some parts of the bills language will be incredibly challenging to follow through on, such as its requirement that agencies inventory any and all IoT devices they use. To expect the government to accurately keep track of all internet-connected gadgets it uses could prove to be a pipe dream, but at very least such measures grant IoT security some of the respect and attention it desperately needs.
Some of the details of the bill could be misinterpreted and end up mitigating private researchers abilities to solve IoT security issues, but this too is unlikely, and could be solved with reasonable amendments and wise enforcement policies. Uncle Sams late arrival to the IoT cybersecurity scene could end up haunting the market for some time as hackers probe for opportunities, but should ultimately be welcomed as a new, more secure chapter in the IoTs story.
While it would be a serious stretch to say that U.S. lawmakers have permanently secured the internet, the IoT Cybersecurity Act of 2017 takes aim at the most egregious vulnerabilities that plague the market today. The only question that remains is whether the bill can gather enough support to pass, and whether it will inspire the private sector to crackdown on future breaches of internet security.
This article is published as part of the IDG Contributor Network. Want to Join?
Read the original here:
Can US lawmakers fix IoT security for good? – Network World
- Amazon.com: Kaspersky Internet Security 2018 | 3 Device | 1 ... - August 8th, 2018
- AVG Internet Security - Free download and software reviews ... - August 3rd, 2018
- Top 3 Internet Security Software Suites Reviews ... - July 26th, 2018
- GRC | LeakTest -- Firewall Leakage Tester - July 26th, 2018
- Internet Security is an important part of Identity Theft ... - June 22nd, 2018
- V3 Internet Security | AhnLab - June 22nd, 2018
- Internet Security with Xfinity - Norton Security Online - June 17th, 2018
- Best Internet Security Software Compared - May 25th, 2018
- Computer and internet security software Chili Security - May 21st, 2018
- Internet Security Market Size, Share and Technology, 2021 - May 21st, 2018
- Center for Internet Security - Wikipedia - May 10th, 2018
- Download Webroot SecureAnywhere Antivirus & Internet ... - May 1st, 2018
- AVG Internet Security 2018 review | Ultimate antivirus ... - April 29th, 2018
- The Internet Security Academy - SAHCOM Technologies LLP - April 27th, 2018
- These files can't be opened. Your Internet security ... - April 20th, 2018
- How to Uninstall Norton Internet Security: 12 Steps - April 20th, 2018
- Internet Security Software at Office Depot OfficeMax - April 19th, 2018
- Why is Internet security important? | Reference.com - March 26th, 2018
- AVG Internet Security Unlimited 2018 18.2.3827 20% OFF ... - March 25th, 2018
- Trend Micro Titanium Internet Security - Download - March 21st, 2018
- Kaspersky Mobile Antivirus: AppLock & Web Security ... - March 21st, 2018
- Why do I Need Internet Security - The High Tech Society - March 21st, 2018
- Cincinnati Bell - Other Services Support - March 21st, 2018
- Internet Security Essentials for Business 2.0 | U.S ... - March 21st, 2018
- ESET Internet Security 10.0.386.0 Crack + License Keys ... - March 21st, 2018
- Privacy and Security in the Internet Age | WIRED - March 19th, 2018
- News & Events | K9 Web Protection - Free Internet Filter ... - March 19th, 2018
- 10 Internet Security Programs (for Windows), Ranked Best ... - March 7th, 2018
- AVG Internet Security 2015 Free Download - getintopc.com - March 3rd, 2018
- McAfee Internet Security Download - softpedia.com - February 28th, 2018
- COMODO Internet Security Download - softpedia.com - January 30th, 2018
- Best Internet Security Software 2018 - The best rated ... - January 28th, 2018
- Comodo Antivirus - Best Virus Removal Software 2018 - January 13th, 2018
- ZoneAlarm Antivirus Software | Virus Protection & Firewall - January 13th, 2018
- What Is the Meaning of Internet Security? | Techwalla.com - January 12th, 2018
- Download Avast Internet Security 17.7.2314 - FileHippo.com - January 12th, 2018
- Vipre Antivirus VIPRE Internet Security - January 12th, 2018
- AVG Internet Security 2018 License Key With Crack Full Version - January 8th, 2018
- CA Internet Security Suite Plus - Download - December 27th, 2017
- Collaborative Security: An approach to tackling Internet ... - December 27th, 2017
- Norton Internet Security - Download - December 20th, 2017
- Best Internet Security 2017 - Total Security Software for ... - December 20th, 2017
- Get the Best Internet Security Software of 2016! - December 20th, 2017
- Internet Security Administrator: Job Description and Requirements - December 19th, 2017
- Top 10 Cheap Antivirus and Internet Security Protection for ... - December 19th, 2017
- Download AVG Internet Security Unlimited - FileHippo.com - December 19th, 2017
- Norton Internet Security - softpedia.com - December 19th, 2017
- Internet Security - Cisco - December 19th, 2017
- Best Antivirus Software, Internet Security & Malware Removal - December 19th, 2017
- internet security | eBay - October 26th, 2017
- Avast Internet Security Download - softpedia.com - October 20th, 2017
- Internet Security Software | Trend Micro - October 3rd, 2017
- Lenovo Faces No Significant Penalty for Security-Destroying Superfish Debacle - ExtremeTech - September 7th, 2017
- 25% Upside Seen In Palo Alto, Argus Research Upgrades To Buy - Benzinga - September 5th, 2017
- How to: Your essential guide to internet security - PC Authority - September 5th, 2017
- Internet security startup founded by former CIA analyst raises $40 million - San Francisco Business Times - September 2nd, 2017
- CyberRehab's mission? To clean up the internet, one ASN block at a time - The Register - September 2nd, 2017
- Kaspersky Lab launched updated versions of Kaspersky Internet ... - Software Testing News - September 1st, 2017
- Cloud-based CAE HPC Partnership Focuses on Speed and Security of Data Transfer - ENGINEERING.com - September 1st, 2017
- China's cybersecurity law grants government 'unprecedented' control over foreign tech - The Register - September 1st, 2017
- Symantec CEO Sees Broad-Based Internet Security Threats - Bloomberg - August 31st, 2017
- Expert warns sexting is seen as normal by many young people - Evening Echo Cork - August 31st, 2017
- Internet Explorer - Wikipedia - August 30th, 2017
- Your essential guide to internet security - IT PRO - August 30th, 2017
- DUO to increase student internet security - The Crimson While - August 30th, 2017
- Online threats lead to real-world harm, say security experts - CNBC - August 30th, 2017
- Net neutered: When ISPs like Comcast crash the cloud - ZDNet - August 30th, 2017
- Upgrade your internet security with Private Internet Access VPN ... - Popular Science - August 28th, 2017
- Internet 101 Survey results show disconnect between confidence and Internet user knowledge - TechSpot - August 28th, 2017
- Leak of >1700 valid passwords could make the IoT mess much worse - Ars Technica - August 27th, 2017
- How to Choose the Best Internet Security Software? | Bdaily - Bdaily - August 25th, 2017
- China overtakes Belgium on world innovation index - TechNode (blog) - August 25th, 2017
- Zephyr Cove internet security company enters into Paten Standstill Agreement - Northern Nevada Business Weekly - August 25th, 2017
- Internet key to farm security, farmer Bruce Crafter says at Farm Security and Farmers Health Expo in Bendigo - Bendigo Advertiser - August 25th, 2017
- Q2 2017 Akamai State Of The Internet / Security Report Analyzes Re-Emergence Of PBot Malware; Domain Generation ... - PR Newswire (press release) - August 25th, 2017
- OneLogin is Changing How We Think About Internet Security - HiTechChronicle - August 25th, 2017
- Q2 2017 Akamai State Of The Internet / Security Report Analyzes Re-Emergence Of PBot Malware; Domain Generation ... - GuruFocus.com - August 23rd, 2017
- Getting serious about research ethics: Security and Internet Measurement - Freedom to Tinker - August 23rd, 2017
- Dozens of pro-Trump rallies retreat to internet, insist it's not due to poor attendance - Mashable - August 22nd, 2017
- Ransomware Victims Pay Much More Than Just the Ransom - eWeek - August 22nd, 2017