"The IoT Cybersecurity Improvement Act: A First Step in Bolstering Smart Technology Security"
Every second, 127 new IoT devices are connected to the web, and experts predict that by 2025, that figure will equate to more than 75 billion connected devices overall. IoT devices are often riddled with security vulnerabilities impacting security and privacy both at a consumer and corporate level. The Internet of Things Cybersecurity Improvement Act of 2020 is the first-of-its-kind legislation that requires the creation of security standards and guidelines for IoT devices used in and purchased by the federal government. It encompasses issues such as secure development, identity management, patching processes, and configuration management. The IoT security bill also calls for guidelines in vulnerability reporting for IoT devices in government networks and those of federal contractors. The researchers stated that as the use of connected devices continues to grow exponentially over time, we must ask ourselves, "is it enough?" While intended for government parties, these new guidelines can provide manufacturers and security vendors with a general roadmap of how to bolster IoT security measures overall, which has been lacking in years past. The researchers stated that the opportunity to expand and enhance IoT security is still present and needed. The bill in its current state addresses only a portion of the larger problem at hand. The security regulations outlined in the statement only apply to IoT technologies used in federal environments, rather than being applicable across all relevant IoT-enabled devices. The researchers stated that providing secure IoT technologies is still the primary responsibility of manufacturers and that end-users must demand more security measures from the companies selling such devices. End-users demanding more security measures will create a ripple effect, sparking proactive action from manufacturers and security vendors to holistically address IoT security concerns from the start, with an all-encompassing set of guidelines required to secure IoT device manufacturing, distribution, and implementation. The researchers stated that only through this domino effect will IoT security move beyond the government and into one's own home and business environments.