US Government Preparing a Guideline for the Internet of Things

Exterminator

Exterminator

Community Manager
Thread author
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
The Department of Homeland Security (DHS) is expected to announce a set of guidelines for developing and securing Internet of Things (IoT) devices at The Security of Things Forum, in Cambridge Massachusetts, on Thursday, according to The Security Ledger, one of the event's co-hosts.

Robert Silvers, the DHS Assistant Secretary for Cyber Policy, is expected to present and field questions about a yet unfinished set of guidelines regarding IoT security.

"We think everyone. Govt. industries, consumers need to get serious about reasonable security being built into IoT devices. And we need to do it now before we’ve deployed an entire ecosystems," Silvers told Paul Roberts, Editor in Chief and Founder of The Security Ledger.

The DHS has a major role to play in the US and worldwide infosec community, being in charge of the US Computer Emergency Readiness Team (US-CERT), and one of the main sponsors of the National Vulnerabilities Database (NVD).

Guidelines, guidelines everywhere
The DHS is not the only US government body looking into deploying guidelines for IoT security, but it certainly has the biggest voice and sphere of influence.

The Food and Drug Administration (FDA) has issued guidelines for securing smart medical devices against cyber-attacks, while the FTC has also put forward guidelines for securing customer private data on IoT devices.

In the infosec community, IoT security has become a running joke, with new reports on insecure IoT devices being released on a daily basis. If you were curious, today's insecure IoT device is the BT Wi-Fi Extender, after security researchers from Pen Test Partners published a report today detailing multiple vulnerabilities.

Even the Tor Project has taken notice of IoT insecurity, and has entered an alliance with other projects to create a technology for securing client-server communications for IoT devices using the Tor network.
Click to expand...
 
  • Like
Reactions: shukla44 and frogboy
bunchuu

bunchuu

Level 8
Verified
Well-known
Mar 17, 2015
370
I think IoT will suffer from RAT in the future, so it's good move to secure it now.
 
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
It must enforce strong security concepts, calling security companies to make a component that will implement lesser signatures and more on behavior protection.

IoT is different where massive damage is such wider as a typical security program may not enough for prevention.
 
  • Like
Reactions: shukla44
E

Entreri

Level 7
Verified
May 25, 2015
342
It will be fascinating and entertaining I am sure.

Ransomware can take on a whole new meaning with IoT.

How much are you willing to pay for your life? Car, house, medical equipment in you. Now if government x,y,z mandates backdoor a,b,c, it will be delicious.
 
  • Like
Reactions: frogboy
You must log in or register to reply here.

Similar threads

vtqhtr413
    • Like
IoT Startup OP[4] Launches With Firmware Security Platform
Replies
0
Views
391
News Archive
vtqhtr413
vtqhtr413
MuzzMelbourne
    • Like
Microsoft: Hackers hijack Linux systems using trojanized OpenSSH version
Replies
0
Views
1,053
News Archive
MuzzMelbourne
MuzzMelbourne
vtqhtr413
    • Like
    • +Reputation
Security News TheMoon malware infects 6,000 ASUS routers in 72 hours for proxy service
Replies
4
Views
1,039
Security News
Jonny Quest
Jonny Quest

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top