While the Internet of Things (IoT) has carved out a comfortable place for itself in todays society and markets, many still fear that the interconnectivity-driven phenomenon is extraordinarily vulnerable to outside attacks. A number of U.S. Senators believe they may have a solution to the problem, and have put forward the Internet of Things Cybersecurity Improvement Act of 2017.
What are the exact details of the text of the bill, and how does it intend to secure one of the most diverse and unregulated assets of the economy? What potential pitfalls stand in the bills way, and how much of a chance does it have of becoming law? An analysis of the IoT Act reveals that its a healthy step in the right direction, but it may not be enough.
As the strength and value of the IoT is driven by the proliferation of networked devices, it stands to reason that more and more digitally-connected gadgets could only be a good thing for it. Shoddy, non-patchable hardware has proven to be an incredible vulnerability for the IoT, however, and could cripple it in the future. One massive 2016 cyberattack exploited connected IoT devices for nefarious purposes, for instance.
The IoT Cybersecurity Improvement Act hopes to remedy this problem by reevaluating government procurement standards. Currently, many of the devices bought by government agencies come equipped with pre-installed passwords which cant be changed easily, and sometimes cant be changed at all. This serious security threat will be mitigated by the bill, which aims to enforce regulations which ensure all devices sold to the federal government are patchable.
The bill also prohibits vendors from selling devices which possess known vulnerabilities, and orders the Department of Homeland Security to work with industry officials to formulate clearer guidelines. These are all steps in the right direction, but may prove tricky to enforce, as the bills language regarding what constitutes an internet-connected device can be interpreted as being overly broad.
Uncertainty like that in a bill can be costly in the long run, driving up cost as courts must litigate over the tiny details in the bills language. Nonetheless, the frightening levels of vulnerability in the IoT, which is largely made up of un-patchable, relatively poorly-defended gadgets, necessitates a stricter approach to cybersecurity, which this bill attempts to provide.
The success of the IoT Cybersecurity Improvement Act will largely hinge upon whether the federal governments spending power is enough to solve the IoTs security dilemma. While the bill possesses some language that fosters increased government cooperation with private industry leaders, it may not be enough to persuade the broader market to take the IoTs cybersecurity more seriously.
IoT spending is already set to surpass $800 billion in 2017 alone, and could even rocket up to an astonishing $1.4 trillion by 2021. As the market for devices continues to grow, and global incomes rise, the IoT could be endangered if companies attempt to meet the staggering demand for IoT gadgets by lowering their security standards to optimize production.
A factsheet of the bill produced by one of its sponsoring senators even recognizes how challenging it may be for companies to meet some of its requirements, and notes that government employees could still buy non-compliant devices if they first receive permission from the Office of Management and Budget.
Regardless of what shortcomings the bill may possess, its incentivizing of manufacturers to produce better-secured devices will be invaluable in the years to come as the IoT continues to grow at a remarkable pace. Some parts of the bills language will be incredibly challenging to follow through on, such as its requirement that agencies inventory any and all IoT devices they use. To expect the government to accurately keep track of all internet-connected gadgets it uses could prove to be a pipe dream, but at very least such measures grant IoT security some of the respect and attention it desperately needs.
Some of the details of the bill could be misinterpreted and end up mitigating private researchers abilities to solve IoT security issues, but this too is unlikely, and could be solved with reasonable amendments and wise enforcement policies. Uncle Sams late arrival to the IoT cybersecurity scene could end up haunting the market for some time as hackers probe for opportunities, but should ultimately be welcomed as a new, more secure chapter in the IoTs story.
While it would be a serious stretch to say that U.S. lawmakers have permanently secured the internet, the IoT Cybersecurity Act of 2017 takes aim at the most egregious vulnerabilities that plague the market today. The only question that remains is whether the bill can gather enough support to pass, and whether it will inspire the private sector to crackdown on future breaches of internet security.
This article is published as part of the IDG Contributor Network. Want to Join?
Read the original here:
Can US lawmakers fix IoT security for good? – Network World
- 10 Internet Security Programs (for Windows), Ranked Best ... - March 7th, 2018
- AVG Internet Security 2015 Free Download - getintopc.com - March 3rd, 2018
- McAfee Internet Security Download - softpedia.com - February 28th, 2018
- COMODO Internet Security Download - softpedia.com - January 30th, 2018
- Best Internet Security Software 2018 - The best rated ... - January 28th, 2018
- Comodo Antivirus - Best Virus Removal Software 2018 - January 13th, 2018
- ZoneAlarm Antivirus Software | Virus Protection & Firewall - January 13th, 2018
- What Is the Meaning of Internet Security? | Techwalla.com - January 12th, 2018
- Download Avast Internet Security 17.7.2314 - FileHippo.com - January 12th, 2018
- Vipre Antivirus VIPRE Internet Security - January 12th, 2018
- AVG Internet Security 2018 License Key With Crack Full Version - January 8th, 2018
- CA Internet Security Suite Plus - Download - December 27th, 2017
- Collaborative Security: An approach to tackling Internet ... - December 27th, 2017
- Norton Internet Security - Download - December 20th, 2017
- Best Internet Security 2017 - Total Security Software for ... - December 20th, 2017
- Get the Best Internet Security Software of 2016! - December 20th, 2017
- Internet Security Administrator: Job Description and Requirements - December 19th, 2017
- Top 10 Cheap Antivirus and Internet Security Protection for ... - December 19th, 2017
- Download AVG Internet Security Unlimited - FileHippo.com - December 19th, 2017
- Norton Internet Security - softpedia.com - December 19th, 2017
- Internet Security - Cisco - December 19th, 2017
- Best Antivirus Software, Internet Security & Malware Removal - December 19th, 2017
- internet security | eBay - October 26th, 2017
- Avast Internet Security Download - softpedia.com - October 20th, 2017
- Internet Security Software | Trend Micro - October 3rd, 2017
- Lenovo Faces No Significant Penalty for Security-Destroying Superfish Debacle - ExtremeTech - September 7th, 2017
- 25% Upside Seen In Palo Alto, Argus Research Upgrades To Buy - Benzinga - September 5th, 2017
- How to: Your essential guide to internet security - PC Authority - September 5th, 2017
- Internet security startup founded by former CIA analyst raises $40 million - San Francisco Business Times - September 2nd, 2017
- CyberRehab's mission? To clean up the internet, one ASN block at a time - The Register - September 2nd, 2017
- Kaspersky Lab launched updated versions of Kaspersky Internet ... - Software Testing News - September 1st, 2017
- Cloud-based CAE HPC Partnership Focuses on Speed and Security of Data Transfer - ENGINEERING.com - September 1st, 2017
- China's cybersecurity law grants government 'unprecedented' control over foreign tech - The Register - September 1st, 2017
- Symantec CEO Sees Broad-Based Internet Security Threats - Bloomberg - August 31st, 2017
- Expert warns sexting is seen as normal by many young people - Evening Echo Cork - August 31st, 2017
- Internet Explorer - Wikipedia - August 30th, 2017
- Your essential guide to internet security - IT PRO - August 30th, 2017
- DUO to increase student internet security - The Crimson While - August 30th, 2017
- Online threats lead to real-world harm, say security experts - CNBC - August 30th, 2017
- Net neutered: When ISPs like Comcast crash the cloud - ZDNet - August 30th, 2017
- Upgrade your internet security with Private Internet Access VPN ... - Popular Science - August 28th, 2017
- Internet 101 Survey results show disconnect between confidence and Internet user knowledge - TechSpot - August 28th, 2017
- Leak of >1700 valid passwords could make the IoT mess much worse - Ars Technica - August 27th, 2017
- How to Choose the Best Internet Security Software? | Bdaily - Bdaily - August 25th, 2017
- China overtakes Belgium on world innovation index - TechNode (blog) - August 25th, 2017
- Zephyr Cove internet security company enters into Paten Standstill Agreement - Northern Nevada Business Weekly - August 25th, 2017
- Internet key to farm security, farmer Bruce Crafter says at Farm Security and Farmers Health Expo in Bendigo - Bendigo Advertiser - August 25th, 2017
- Q2 2017 Akamai State Of The Internet / Security Report Analyzes Re-Emergence Of PBot Malware; Domain Generation ... - PR Newswire (press release) - August 25th, 2017
- OneLogin is Changing How We Think About Internet Security - HiTechChronicle - August 25th, 2017
- Q2 2017 Akamai State Of The Internet / Security Report Analyzes Re-Emergence Of PBot Malware; Domain Generation ... - GuruFocus.com - August 23rd, 2017
- Getting serious about research ethics: Security and Internet Measurement - Freedom to Tinker - August 23rd, 2017
- Dozens of pro-Trump rallies retreat to internet, insist it's not due to poor attendance - Mashable - August 22nd, 2017
- Ransomware Victims Pay Much More Than Just the Ransom - eWeek - August 22nd, 2017
- A Very Dumb Mistake Costs Cryptocurrency Investors Big Time - WIRED - August 22nd, 2017
- WomensLaw.org | Internet Security - August 20th, 2017
- Facebook Awards $100K for Spear Phishing Security Research - eWeek - August 19th, 2017
- Resilience, Emergencies and the Internet: Security In-Formation - Peace Research Institute Oslo (PRIO) (press release) - August 18th, 2017
- LIBTELCO Hosts First Cyber Security Confab - Liberian Daily Observer - August 18th, 2017
- Free or hate speech? Silicon Valley searches for proper line - CBS News - August 18th, 2017
- The Yin-Yang of Cybersecurity Legislation The Internet of Things Cybersecurity Act - CSO Online - August 16th, 2017
- Women build capacity in internet security - Ghana News Agency - August 14th, 2017
- 3 Problems Related to Internet Security and Online Safety - Bdaily - August 14th, 2017
- Internet security at home avoid being an online victim - North Coast Courier - August 11th, 2017
- Healthcare Industry May Not Be Prepared For Internet of Things - JD Supra (press release) - August 11th, 2017
- Kaspersky Lab Launches Internet Security Campaign in Asia Pacific - Guiding Tech - August 10th, 2017
- Bitdefender Internet Security 2016 - PCMag India - August 6th, 2017
- Mozilla bets its Rust language will make your internet safer - CNET - August 3rd, 2017
- Kaspersky Internet Security 2018 126.96.36.1995 - Tech Advisor - August 3rd, 2017
- Top 5 Internet Security Practices to Staying Safe Online - The Merkle - August 1st, 2017
- Every day is Internet Security Day | Opinion | thenewsherald.com - Southgate News Herald - August 1st, 2017
- Security This Week: The Very Best Hacks From Black Hat and Defcon - WIRED - August 1st, 2017
- 'Internet of things' hackers raise cloud of fear - E&E News - August 1st, 2017
- Facebook Donates $1M in New Funds for Internet Security at Black Hat - eWeek - August 1st, 2017
- ARRIS Launches First Gateway with ARRIS Secure Home Internet by McAfee; Exclusively at Best Buy - PR Newswire (press release) - July 12th, 2017
- Bitdefender unveils 2018 edition of Total Security, Internet Security ... - Windows Report - July 12th, 2017
- Women in IT Security: Eight Women to Watch - SC Magazine - July 11th, 2017
- The Internet of Identities (IoI) - CSO Online - July 11th, 2017
- Trump Says He Pressed Putin, While Casting More Doubt On Election Meddling - NPR - July 9th, 2017
- Internet freedom must be protected but also respected - Independent Online - July 9th, 2017
- The internet, security and privacy - TechTarget (blog) - July 7th, 2017