Enrique Dans – The US Congress, despite the damage the outgoing president’s refusal to accept defeat is causing, seems to have managed to finalize the processing of an apparently very complete law on the security of the Internet of Things (IoT), a nice baseline that will help consolidate a much-needed part of an environment that promises very high growth in the near future, as billions of devices of all kinds are progressively connected to the internet.

The IoT Cybersecurity Improvement Act, the unanimous approval of which has been celebrated by most of the industry, was conceived with the advice of companies such as Symantec, Mozilla and BSA The Software Alliance, is based on a list of considerations that IoT devices must cover: secure development, identity management, patching, and configuration management.

The law establishes a series of requirements that will allow a baseline to be established in the consideration of IoT-related products: consumer electronics companies will be able to choose not to comply with them, and therefore it will not be illegal to offer unsafe products on the market — which will predictably have lower prices — but for those who prefer to pay for a higher level of security, there will be at least a series of basic industry standards to which they can refer, and which other manufacturers more committed to security will be able to use. Some states, like California and Oregon, have already developed legislation in this regard, but the passage of a law at the federal level is a strong incentive to create industry standards. Read On: