Is the U.S. finally about to take IoT security seriously?

Does IoT stand for “internet of threats”? One senator says it might soon, and warned that the internet of things could “pose a direct threat to economic prosperity, privacy and our nation’s security.”

Indeed, security issues plaguing IoT devices have long been a concern, and last week congressional Democrats introduced a bill designed to help mitigate what are seen as widespread vulnerabilities. But while the effort is noble and may help raise awareness of the issues, there are lots of reasons why the Cyber Shield Act of 2017 won’t end up doing much to actually solve the problem.

What’s in the Cyber Shield Act of 2017

The bill, in the works for months and introduced by Sen. Edward J. Markey of Massachusetts (who made the “internet of threats” quip in a statement) and Rep. Ted W. Lieu from Los Angeles, calls for a voluntary scheme to evaluate, certify and label IoT devices that meet certain benchmarks for internet and data security. The idea is to create a Cyber Shield Advisory Committee made up of industry representatives, cybersecurity experts, public interest advocates and government wonks. Reporting to the secretary of commerce (currently Wilbur Ross), the committee would have a year to establish the content and format of the proposed IoT device labels.

It’s a good idea, really. After all, the best time to secure an IoT device is before it gets deployed, and a cybersecurity seal of approval could theoretically help warn consumers away from the most vulnerable choices.

Leave a Reply

Your email address will not be published. Required fields are marked *