The House on Monday passed legislation to improve the security of federal internet-connected devices, with the bill garnering bipartisan support.
The Internet of Things (IoT) Cybersecurity Improvement Act, passed unanimously by the House, would require all internet-connected devices purchased by the federal government — including computers, mobile devices and other products with the ability to connect to the internet — to comply with minimum security recommendations issued by the National Institute of Standards and Technology.
The legislation would also require private sector groups providing devices to the federal government to notify agencies if the internet-connected device has a vulnerability that could leave the government open to attacks.
The bill is sponsored in the House by Reps. Robin KellyRobin Lynne KellyRaces heat up for House leadership posts Battle looms over Biden health care plan if Democrats win big Lawmakers set for tearful goodbye to John Lewis MORE (D-Ill.) and Will HurdWilliam Ballard HurdHouse Democrats’ campaign arm reserves .6M in ads in competitive districts Trump, GOP seek to rebut Democratic narrative on night one ‘Trump show’ convention sparks little interest on K Street MORE (R-Texas) and more than two dozen others.
The bill was approved by the House Oversight and Reform Committee last year. Committee Chairwoman Carolyn MaloneyCarolyn Bosher MaloneyBusiness groups back pandemic insurance bill modeled on post-9/11 law Democrats reveal Medicaid chief’s spending on high-paid consultants The Hill’s Morning Report – Sponsored by National Industries for the Blind – Prudent or ‘pathetic’? GOP senators plan to vote on coronavirus relief Thursday MORE (D-N.Y.) said on the House floor Monday that the bill would help address the “silent war” the U.S. government faces from hackers on a daily basis.
“Currently there are no national standards to ensure the security of these connected devices,” Maloney said. “Protecting our nation from cyber threats is an ongoing, interactive process that requires established, baseline standards and constant vigilance.”
Both Hurd and Kelly spoke on the House floor in support of the legislation, with Kelly noting that she believed it is a “strong bill that I think can be passed by both chambers and signed into law.”
Hurd said the bill would help the U.S. government “take advantage of technology before it takes advantage of us.”
“The Internet of Things is showing just how innovative humans can be, but like most innovations, IoT has the potential to be misused and abused by bad actors,” Hurd said. “If our security practices for using the Internet of Things does not evolve as our use of it grows, then we will find out how innovative criminals, hackers and hostile foreign governments can be.”
The legislation has also been introduced in the Senate, where it is primarily sponsored by Sens. Mark WarnerMark Robert WarnerSenate panel seeks documents in probe of DHS whistleblower complaint Microsoft warns Russia, China and Iran targeting US election Intel panel rebuffs request to share info for GOP’s Obama-era probes MORE (D-Va.) and Cory GardnerCory Scott GardnerCongress needs to finalize space weather bill as solar storms pose heightened threat Trump courts Florida voters with moratorium on offshore drilling Democrats push White House to oust head of public lands bureau MORE (R-Colo.). It was approved by the Senate Homeland Security and Governmental Affairs Committee last year, and awaits a vote in the Senate.
“The House passage of this legislation is a major accomplishment in combating the threats that insecure IoT devices pose to our individual and national security,” Warner said in a statement following the bill’s passage in the House. “Frankly, manufacturers today just don’t have the appropriate market incentives to properly secure the devices they make and sell – that’s why this legislation is so important.”
“I look forward to continuing to work to get this bipartisan, bicameral bill across the finish line in the Senate,” he added.