iot government

High demand for IoT regulation, survey finds

A recent survey by cybersecurity provider Gemalto found that only about half of businesses can tell if any of their internet-of-things devices has suffered a breach. Given that risk, and the exploding number of IoT devices coming online, 95 percent of the 950 respondents supported some IoT security regulation.


NIST maps out IoT security standards

A new draft report aims to help policymakers, managers and others find common ground for securing the internet of things. Read more.

17 reasons not to trust IoT … yet

The National Institute of Standards and Technology has issued a draft report listing 17 "technical concerns" that can undermine trust in internet-of-things products and services. Read more.

5 use cases for smart city IoT

A white paper from Georgia Tech dives into IoT technology for municipal services, utilities, public safety, transportation and health care. Read more.

Among those supporting more regulation, 59 percent said rules should include identifying who is responsible for securing data in different parts of the ecosystem, and 53 percent said there should be consequences for lapses.

In the U.S., lawmakers and the federal agencies have considered different approaches to the explosion of endpoints and data created by IoT technology, but as GCN's sibling site FCW has reported, no federal regulator is claiming jurisdiction, and Congress has yet to pass laws governing the IoT ecosystem.

This November, the House passed the SMART IoT Act. The bill, offered by Rep. Robert Latta (R-Ohio), would task the Department of Commerce with studying the current IoT industry in the United States. The research would look into what companies develop IoT technology, what federal agencies have jurisdiction in overseeing this industry and what regulations have already been developed.

Sens. Mark Warner (D-Va.) and Cory Gardner (R-Colo.) in October introduced a bill that would leverage federal buying power to prohibit agencies from acquiring IoT devices and sensors that aren't patchable and that don't have changeable passwords.

The National Institute of Standards and Technology has also been working to develop guidance on IoT cybersecurity and privacy risks. It put a draft of its guidance on managing IoT cybersecurity and privacy out for public comment last fall. The first round of comments closed in October. Most of NIST's employees have been furloughed since late December due to the partial government shutdown.

This article was first posted to FCW, GCN's sibling site.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at or follow him on Twitter at @MRockwell4.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.