The never-ending conversation about IoT security continues onward, but without much resolution. There are a host of government bodies that are proposing definitive regulation for IoT devices in general. Some government entities are urging manufacturers to simply adopt a prescribed set of best practices. The issue that remains, and has yet to be reconciled, is that most any standard would be incomplete due to the both the connection of older non compliant devices, along with the ever increasing world of multi-vendor IoT and AI providers. The article that follows describes in detail many of the existing hurdles and what is being considered to address these ongoing issues.
The ease with which internet of things devices can be compromised, coupled with the potentially extreme consequences of breaches, have prompted action from legislatures and regulators, but what group is best to decide?
Both the makers of IoT devices and governments are aware of the security issues, but so far they haven’t come up with standardized ways to address them.
“The challenge of this market is that it’s moving so fast that no regulation is going to be able to keep pace with the devices that are being connected,” said Forrester vice president and research director Merritt Maxim. “Regulations that are definitive are easy to enforce and helpful, but they’ll quickly become outdated.”
The latest such effort by a governmental body is a proposed regulation in the U.K. that would impose three major mandates on IoT device manufacturers that would address key security concerns: