US Congress passes bipartisan act to improve IoT security
And it only took them three years
The US Senate has unanimously passed a bipartisan bill that aims to bolster the security of IoT devices for government use.
Bill H.R.1668 - the IoT Cybersecurity Improvement Act of 2020 - mandates minimum security requirements for IoT devices purchased by the American federal agencies. Under the new legislation, the National Institute of Standards an
d Technology (NIST) will write new standards for the development, patching and management of IoT devices.Vendors will also be required to bring in a formal process for reporting and patching vulnerabilities. Before purchasing IoT devices, government agencies will ensure that what they are buying adheres to the NIST recommendations. The idea is to shield federal agencies from cyber-espionage campaigns, and to use the purchasing power of the government to encourage vendors to adopt the same standards. Some states, like Oregon and California, have already introduced laws to this effect, but the passage of the bill at the federal level will - it is hoped - encourage the IoT industry to create new device security standards. The IoT industry is notoriously lax when it comes to security. Many devices are sold without passwords, or with default passwords that do not need to be changed before the device can be used. Stories of attackers targeting the IoTare becoming more common every year. The IoT Cyber Security Act mandates that federal acquisition rules must be updated regularly to reflect new security guidelines and standards. Federal agencies will not be allowed to purchase or renew contracts for devices that fail to meet these guidelines. Sens. Cory Gardner (R-Colo.) and Mark Warner (D-Va.) first introduced the bill in 2017. Congresswoman Robin Kelly (D-Illinois) reintroduced it last year. The US Chamber of Commerce initially opposed the bill, arguing that that the law would be too burdensome on industry. The sponsors worked on the proposals to ease the concerns of the group, and after more than three yearsof bipartisan effort, it was passed unanimously in the House of Representatives in September. It has now also passed the Senate. In a statement issued after the bill’s passage, Kelly said that that the new law “will ensure that the US government purchases secure devices and closes existing vulnerabilities to protect our national security and the personal information of American families”. The bill is now off to the White House for the President’s signature. President Trump is not likely to oppose the bill, considering the fact that not a single vote was cast against the legislation. In absence of a veto, Trump can either sign it, or it will simply become a law after 10 days. The UK government is also in the planning stages for similar regulations or laws aimed at IoT security.
Author: devz123@gmail.com(Dev Kundaliya)
Date: 2020-11-24
URL: https://www.computing.co.uk/news/4023843/us-congress-passes-bipartisan-act-improve-iot-security
computing.co.uk
Companies can’t afford to ignore diversity, warns Women in Tech finalist Sarah Lucas (2020-11-16) | Increasing diversity brings new ways of thinking and unlocks a competitive advantage Diversity and inclusion have been important and growing topics in technology for years Most of the market now acknowledges that the industry has a stale male and pale problem - even though companies with more diverse workforces tend to deliver better returns High-gender-diversity companieshave outperformed on aver.. |
Industry Voice: Why tool adoption by employees will drive IT decisions in 2021 (2020-11-18) | The rapid digital transformation and resulting challenges that accompanied the shift to remote working cannot be understated According to IDC the adoption of collaborative technologies in 2020 accelerated by five years in just a few months This dramatic transformation has ultimately left organisations struggling to connect and collaborate efficiently According to an Asana survey conducted in Octob.. |
How CIOs can gain influence in the boardroom (2020-11-23) | James Robbins former CIO of Northern Rail Northumbrian Water Drax Royal Mail and others discusses his experiences surviving boardroom tussles in highly political environments and explains how other technology leaders can work to improve their own board level influence The modern CIO is an animal of the boardroom which means understanding how to navigate political situations and how to manage and i.. |
Why you should look to software-defined infrastructure for container deployments (2020-11-06) | DHL Accenture and Lloyds are just a few of the firms using StorageOSs software-defined cloud-native storage Firms around the world are moving away from monoliths and towards more streamlined agile IT environments leveraging containers and microservices These new deployments rely on orchestration systems like Kubernetes as well as experts who know how to make the most of such tools StorageOS is one.. Why you should look to software-defined infrastructure for container deployments |
Your personal details could be on sale for less than a dollar (2020-12-02) | New types of data have gone on sale in the past decade including personal medical records PayPal accounts and selfies with personal ID documents Personal data is up for sale on the Dark Web for as little as 50 cents according to a new study by researchers from Kaspersky Kaspersky conducted the study to gain a better understanding of how the payment rates for certain types of information on the Dar.. |
UKIT Industry Awards 2020: Darktrace wins security innovation of the year (2020-12-02) | Dave Palmer co-founder of Darktrace discusses security risks to organisations and describes how he felt when he heard that his organisation had won one of the coveted gongs at the UK IT Industry Awards 2020 Held virtually for the first time in its history the UK IT Industry Awards 2020 was nonetheless a roaring success with a huge online audience treated to the comic stylings of host Ed Byrne Comp.. |
‘We don’t put women on the leadership team’ - Jacqueline do Rojas on her triumph over adversity (2020-12-01) | Jacqueline de Rojas CBE President of TechUK tells delegates at the Women in Tech Festival about her successful career in IT despite setbacks and initially trying to be a man in a mans world Jacqueline de Rojas CBE President of TechUK has told delegates at the Women in Tech Festival about her triumph over various setbacks in her career in IT giving a series of life lessons for other to follow The f.. |
Get tough on Google now, 165 competitors urge the EU (2020-11-13) | Tech firms and industry bodies say planned antitrust legislation may arrive too late A group of 165 tech firms and industry bodies have written to EU antitrust chief Margrethe Vestager urging the European authorities to speed up actions against with Google on competition issues The group includes companies and associations from 21 EU countries as well as the UK and the US according to Reuters and .. |
Interest in UK’s Global Tech Talent Visa continues to grow (2020-11-20) | AI software development and fintech are the most popular sectors for Tech Talent visa holders Tech Nations latest Visa Report shows that interest in the Global Tech Talent GTT visa - which aims to attract skilled technologists from around the world to the UK - has risen in the last two consecutive years According to the report demand for the GTT visa increased 45 per cent and 48 per cent in 2019 a.. |
NCSC advises online shoppers to be careful over Black Friday (2020-11-24) | The festive period is a potentially rewarding period for cyber criminals The UKs National Cyber Security Centre NCSC on Monday issued new guidance for online shoppers advising them to be extra-cautious when searching for Black Friday deals on the internet - which are often time-limited and designed to quickly part consumers with their cash The Centre pointed out that the festive period is a potent.. |