Wouldn’t it be nice…if you could trust your device? Thumbnail
Internet of Things (IoT) 19 April 2018

Wouldn’t it be nice…if you could trust your device?

By Steve OlshanskyFormer Director, Trust, Technology, Policy and Strategy
Ryan PolkDirector, Internet Policy

Wouldn’t it be nice if you could trust that your device is secure, so that it isn’t leaking your private data, becoming a bot and attacking other users, or putting you at risk?

We think so too.

By using their buying power to influence the market, combined with forward-looking, smart policies and regulations, governments can help build an Internet of Things (IoT) we can trust. With over ten billion IoT devices, applications, and services already in use, and the number of connected devices forecasted to jump to over thirty-eight billion by 2020, ensuring that governments take the right actions now around IoT security is critical.

Governments have important choices to make now to help ensure that IoT consumers are secure, innovation can flourish, and we can all fully benefit from IoT.

We are pleased to release IoT Security for Policymakers, a discussion paper to help provide a solid foundation for policymakers and regulators as they address IoT security. In the paper, we highlight key issues and challenges of IoT security, along with guiding principles and recommendations. While many of IoT’s challenges are technical, some of the most pressing are social, economic, or legal. There are countless consumers with little knowledge or information about IoT security, which constrains consumer demand for well-secured products over ill-secured ones. In addition, good IoT security is slow and expensive for manufacturers to develop, leading many to make security an afterthought. In many cases, there is legal uncertainty around accountability for IoT security, making it difficult to assign responsibility or ensure compensation for harm. IoT also presents important privacy challenges, however, those will be addressed in a forthcoming paper focused on privacy and IoT.

While none of these security challenges can be addressed by governments alone, there are important steps that governments can and should take now to make a difference. Our paper identifies some guiding principles and key actions for policymakers to take to help solve these challenges. Some of these actions are regulatory, like strengthening accountability by clearly assigning liability in advance. Others rely on the strong buying power of governments. For example,  changing procurement policies to emphasize security so that companies have greater incentives to produce IoT products and services with strong security features..

It is incumbent upon us all – policymakers, businesses, members of the technical community, and civil society – to ensure that IoT’s impact is a positive one by proactively tackling its challenges, while enabling its opportunities for all.

Please read and share our new paper, IoT Security for Policymakers, to learn about the challenges we face and how governments, policymakers, and regulators can make a difference. As the discussion paper continues to evolve, we welcome your comments at [email protected].

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Building Trust 5 December 2019

Rural Development Special Interest Group Organizes Internet Connectivity Tag 2019

In November, the Internet Society Rural Development Special Interest Group (RD SIG) organized an event called the Internet Connectivity Tag 2019 in Bangalore,...

Building Trust 14 November 2019

IoT Security Policy Platform Wants to Raise the Bar On Global IoT Security

By next year, five Internet of Things (IoT) devices are projected to be in use for every person on...

Building Trust 2 October 2019

Celebrating National Cybersecurity Awareness Month

Every October, we mark National Cybersecurity Awareness Month. From the U.S. Department of Homeland Security website, “Held every October,...