14 DAY TRIAL // The Department of Homeland Security (DHS) is expected to announce a set of guidelines for developing and securing Internet of Things (IoT) devices at The Security of Things Forum, in Cambridge Massachusetts, on Thursday, according to The Security Ledger, one of the event's co-hosts.
Robert Silvers, the DHS Assistant Secretary for Cyber Policy, is expected to present and field questions about a yet unfinished set of guidelines regarding IoT security.
"We think everyone. Govt. industries, consumers need to get serious about reasonable security being built into IoT devices. And we need to do it now before we’ve deployed an entire ecosystems," Silvers told Paul Roberts, Editor in Chief and Founder of The Security Ledger.
The DHS has a major role to play in the US and worldwide infosec community, being in charge of the US Computer Emergency Readiness Team (US-CERT), and one of the main sponsors of the National Vulnerabilities Database (NVD).
Guidelines, guidelines everywhere
The DHS is not the only US government body looking into deploying guidelines for IoT security, but it certainly has the biggest voice and sphere of influence.
The Food and Drug Administration (FDA) has issued guidelines for securing smart medical devices against cyber-attacks, while the FTC has also put forward guidelines for securing customer private data on IoT devices.
In the infosec community, IoT security has become a running joke, with new reports on insecure IoT devices being released on a daily basis. If you were curious, today's insecure IoT device is the BT Wi-Fi Extender, after security researchers from Pen Test Partners published a report today detailing multiple vulnerabilities.
Even the TOR Project has taken notice of IoT insecurity, and has entered an alliance with other projects to create a technology for securing client-server communications for IoT devices using the Tor network.