Purchasing Power to Secure the IoT – A US solution

A cross-party group of US Senators have this week introduced the Internet of Things Cybersecurity Improvement Act, which would ensure that companies selling IoT devices to the Federal Government met a minimum security threshold. The minimum threshold loosely revolves around ensuring that products are patchable and prohibiting vendors from supplying devices that have unchangeable passwords.

Federal agencies would have the ability to enforce higher security measures and also petition for exceptions to the ruling if it were impractical or uneconomic to have the additional functionality. The Act also seeks to attempt to protect security researchers who exposed flaws in IoT devices used by the Government from prosecution.

Whilst the Act is limited to technology being sold to the Government the intention is that there will be substantial overspill into the wider IoT market. The development follows on from the publication of Strategic Principles for Securing the IoT from the Department of Homeland Security (DHS) in January.

The conversation in the UK and EU is currently focused on consumer devices with discussion ongoing about a potential trust or secure label. The Department for Digital, Culture, Media and Sport (DCMS) are also looking at potential interventions in this area. techUK is on the external advisory group for this project and will be holding a call between the IoT and Cyber Security Councils – if you are interested; http://www.techuk.org/events/meeting/item/11152-joint-iot-and-cyber-security-council-working-group 

FROM SOCIAL MEDIA

.@techUK's @G_Derrington discusses the current concerns from industry when it comes to skills policy and Brexit in… https://t.co/phiHP5YuLb
. @sagegroupplc & @Atos joined us today in supporting a new UK France digital conference announced today by @DCMS.… https://t.co/rQDouW3hXB
Ruth Milligan, Head of Financial Services & Payments @techUK, debunks so pervasive myths around #OpenBanking and hi… https://t.co/HZ6ojwhZJY
@techUK, @sagegroupplc and @Atos join to welcome new UK France tech summit. We look forward to deeper collaboration… https://t.co/uoo7SPMON8
Nominations now open for the 3rd Great British Scaleup Event 6-7 March 2018. Assess your scale-up potential & find… https://t.co/9dPJm538Ku
.@techUKCEO supports new tech conference with France to discuss pressing issues around technologies such as AI… https://t.co/9rzwZbsz0i
The data center sector struggles to attract and retain female staff, especially in technical roles. What are we doi… https://t.co/FDDmqG99WH
Meet the #govtech innovator of the month @carlosatshaping @ShapingCloud helping transform public services https://t.co/nW5JE1z4KD