As cybersecurity has been an intensely debated and widely researched issue, its application in the legislative context is also essential to explore. In the Security Magazine article, Henriquez (2020) discusses the Internet of Things (IoT) Cybersecurity Improvement Act and what it means for the public and the government. The reason behind the Act’s signing into law was to address risks related to supply chains within the federal governments as a result of insecure devices with minimum requirements for security. Specific requirements of the Act include the mandatory publishing of standards and guidelines on the use of IoT devices by the federal government or the NIST’s updates of IoT standards, procedures, and policies once in five years.
Because many IoT applications are designed in a way to allow digital interactions with other programming interfaces, it has become a priority to identify and reduce the occurrence of security vulnerabilities. Through the Act’s implementation, digital devices can be “secured using alternative and effective methods” (Henriquez, 2020, para. 5). Important data that the legislation would safeguard include medical records, workplace plans, personally identifiable information, and any other sensitive data that can become available when devices connect to private corporate networks. Criminals often look for information to steal and use for fraud because the decreased prioritization of security measures in vulnerable products allows them to do so. Therefore, the IoT Cybersecurity Improvement Act is a step in the right direction for ensuring device protection when they connect to high-priority networks. Besides, with the Act’s implementation, it will be curious to see whether companies increase the security of devices targeted to consumers as a result of the increased expectations of safety.
Reference
Henriquez, M. (2020). IoT Cybersecurity Improvement Act signed into law. Security Magazine. Web.