Purchasing Power to Secure the IoT – A US solution

A cross-party group of US Senators have this week introduced the Internet of Things Cybersecurity Improvement Act, which would ensure that companies selling IoT devices to the Federal Government met a minimum security threshold. The minimum threshold loosely revolves around ensuring that products are patchable and prohibiting vendors from supplying devices that have unchangeable passwords.

Federal agencies would have the ability to enforce higher security measures and also petition for exceptions to the ruling if it were impractical or uneconomic to have the additional functionality. The Act also seeks to attempt to protect security researchers who exposed flaws in IoT devices used by the Government from prosecution.

Whilst the Act is limited to technology being sold to the Government the intention is that there will be substantial overspill into the wider IoT market. The development follows on from the publication of Strategic Principles for Securing the IoT from the Department of Homeland Security (DHS) in January.

The conversation in the UK and EU is currently focused on consumer devices with discussion ongoing about a potential trust or secure label. The Department for Digital, Culture, Media and Sport (DCMS) are also looking at potential interventions in this area. techUK is on the external advisory group for this project and will be holding a call between the IoT and Cyber Security Councils – if you are interested; http://www.techuk.org/events/meeting/item/11152-joint-iot-and-cyber-security-council-working-group 


Are you an SME operating in the public sector market? Complete our #SME survey today @gov_procurement https://t.co/9ldokoXEVJ
Complete our #SME survey and help us make the case on your behalf @gov_procurement https://t.co/7EYttxsmB0
Come hear from our #datacentre expert, Emma Fryer, @dcdnews ‘s #Zettastructure event on Nov 8 talking about Brexit https://t.co/0B8tplDM0m
@TwitterSupport @TwitterSupport - would it be possible to provide an answer by 4pm UK time please?
At What Price Progress? Read techUK's Giles Derrington on getting Brexit negotiations to phase 2: https://t.co/hYmogE2uFw
@TwitterSupport we are trying to verify this account but it is recognising us as a person not an org. Pls Help.
See @techUKdepCEO's commentary on this week's #Brexit negotiations in Brussels https://t.co/EfhkenIV3Y
How does the digital sector underpins the global economy? Register for #Supercharging17 here: https://t.co/eVPDpyfyHu