The US Senate unanimously passed the IoT Cybersecurity Improvement Act (H.R.1668) yesterday. The US House passed the bill in September, so it is highly likely to become law, barring a Presidential veto.
This is arguably the most significant US IoT-specific cybersecurity law to date, as well as the most significant law promoting private sector adoption of coordinated vulnerability disclosure. IoT security is widely acknowledged as a global priority, and vulnerability disclosure processes are fundamental security practices, so passage of the bill should be seen as a very positive step forward for cybersecurity and the security community.
Rapid7 applauds passage of the IoT Cybersecurity Improvement Act and looks forward to working with NIST and other stakeholders on its implementation. The bill's lead sponsors - Senators Warner and Gardner, and Representatives Kelly and Hurd - deserve great credit for years of work on this important issue, and for guiding the bill over the finish line through an election, a global pandemic, and a divided Congress. As longtime supporters of the bill, Rapid7 led group letters to Congress urging passage, testified before the Senate favorably on the legislation, and blogged extensively on the bill’s progress.
[For more detailed analysis of the bill, please check out this post.]
The unanimous passage (in both House and Senate) of the IoT Cybersecurity Improvement Act demonstrates bipartisan recognition of the importance of IoT security, and the need ..
Support the originator by clicking the read the rest link below.
