- In an all-too-rare sign of Congress doing its job, on Wednesday US lawmakers introduced a new law bill aimed at improving the security of the internet-of-things.
- Cybersecurity Improvement Act has the backing of industry and security experts and is well written.
- In essence, the proposed law would require America’s National Institute of Standards and Technology (NIST) to come up with guidelines for IoT devices and would require any federal agency to only buy products from companies that met those guidelines.
- This puts the issue of what actual standards are introduced into the hands of the experts, and uses the power of federal procurement to create a de facto industry standard.
- “I applaud Senator Warner and his co-sponsors for nudging the market in the right direction by establishing thorough, yet flexible, security requirements for connected devices purchased by the government,” said Schneier.
Read full article: theregister.co.uk