White House and Homeland Security Publish Cybersecurity Guidelines for IoT Devices

Cybersecurity guidelines for IoT from the White House and the Department of Homeland Security

Two independent IoT (Internet of Things) cybersecurity publications were released yesterday by the White House and the Department of Homeland Security, covering guidelines and principles for creating IoT devices with in-built security measures, as well as recommended protocols for implementing such measures.

The Obama administration ‘rushed’ the NIST (National Institute of Standards and Technology) publication a month ahead of the planned release, primarily due to the escalated urgency surrounding cybersecurity for IoT devices following last month’s major Distributed Denial of Service attack that disabled parts of the United States’ internet infrastructure.

Cybersecurity has long been a concern since Internet connectivity started becoming more prolific in the 1990s. As connectivity came to mobile devices en masse in the 2000s, it became an even bigger issue. Today, the Internet of Things is next in line for in-depth scrutiny because it involves a large number of interconnected devices that are perpetually online. That increases the quantum of risk by a significant magnitude.

Both publications, however, are aimed at guiding for cybersecurity measures at the design and manufacture stage rather than at the user level. And that brings along with it the cost factor, the biggest question being: can device manufacturers be incentivized enough to make it worth their while to spend time, money and effort on incorporating security hardware and software on their devices?

The guidelines themselves target the fundamentals and system lifecycle processes for device manufacture, and provide guidelines for incorporating security protocols as part of the product lifecycle itself. The Homeland Security publication goes a step further and addresses the issues from an industrial consumer standpoint.

The purpose of these publications is to initiate a high-level awareness and evoke a sense of urgency in implementing the guidelines and principles outlined in them.

As of now, the FCC has said it is not likely to enact any mandatory standards for IoT cybersecurity, but with IoT now permeating through critical industrial areas such as power production, medical technology and transportation infrastructure, the longer things stand the way they are, the greater the risk of such systems being compromised.

Thanks for reading our work! Please bookmark 1redDrop.com to keep tabs on the hottest, most happening tech and business news from around the world. On Apple News, please favorite the 1redDrop channel to get us in your news feed.