The U.S. House of Representatives this week passed the IoT Cybersecurity Improvement Act, a bill whose goal is to improve the security of IoT devices.
First introduced in 2017 and reintroduced in 2019, the IoT Cybersecurity Improvement Act will now have to pass the Senate before it can be signed into law by the president.
The bipartisan legislation is backed by Reps. Will Hurd (R-Texas) and Robin Kelly (D-Ill.), and Sens. Mark Warner (D-Va.) and Cory Gardner (R-Colo). There are also several major cybersecurity and tech companies that support the bill, including BSA, Mozilla, Rapid7, Cloudflare, CTIA and Tenable.
“The House passage of this legislation is a major accomplishment in combatting the threats that insecure IoT devices pose to our individual and national security. Frankly, manufacturers today just don’t have the appropriate market incentives to properly secure the devices they make and sell – that’s why this legislation is so important,” Warner said after the bill passed the House.
“I commend Congresswoman Kelly and Congressman Hurd for their efforts to push this legislation forward over the past two years. I look forward to continuing to work to get this bipartisan, bicameral bill across the finish line in the Senate,” he added.
If it becomes law, the IoT Cybersecurity Improvement Act will require NIST to issue standards and guidelines for secure development, patching, identity management, and configuration management for IoT products. All IoT devices acquired by the federal government will have to comply with these recommendations.
NIST will also have to work with researchers, industry experts and the DHS to issue guidance on the coordinated disclosure of vulnerabilities found in IoT devices, and contractors and vendors working with the U.S. gover ..
Support the originator by clicking the read the rest link below.
