IoT security

Congress proposed a bill to improve the security of internet-enabled devices called the Internet of Things (IoT) Cybersecurity Improvement Act of 2019.

The bipartisan legislation is aimed at establishing standards for any internet-connected device acquired by or used by an employee of the federal government. IoT devices have long been a weak point in the cybersecurity of agencies and organizations and have also been a favorite target for hackers, despite their continuous market growth.

“The Internet of Things (IoT) landscape continues to expand, with most experts expecting tens of billions of devices to be operating on our networks within the next several years,” said Colorado Senator Cory Gardner. “As these devices continue to transform our society and add countless new entry points into our networks, we need to make sure they are secure, particularly when they are integrated into the federal government’s network.”

“While I’m excited about their life-changing potential, I’m also concerned that many IoT devices are being sold without appropriate safeguards and protections in place, with the device market prioritizing convenience and price over security,” said co-signer Senator Mark Warner.

Tech companies including Symantec, Mozilla, and Cloudflare have all shown support for the bill, but others have noted that similar pieces of legislation proposed in 2017 and 2018 failed to pass.

See the text of the legislation here.