November 25, 2020
On November 17, 2020 the senate passed H.R. 1668, the Internet of Things Cybersecurity Improvement Act of 2020, by unanimous consent. It is expected to be signed into law, making it a major step in describing and enforcing Internet of Things (IoT) cybersecurity.
In short, this bill requires that the National Institute of Standards and Technology (NIST) set standards, guidelines, and best practices for IoT devices that are procured or used by federal agencies. While the scope of the bill is limited to federal contracts (via the Federal Acquisition Regulations (FAR)), we believe it will have far-ranging consequences on the security of IoT and other embedded systems in the future.