By: Kelsey Reichmann
The National Institute of Standards and Technology released a new report June 27 detailing the cybersecurity and privacy risks associated with the Internet of Things and solutions for how government agencies can manage them.
IoT devices can create cybersecurity vulnerabilities for government agencies by exposing private data, the accuracy of data or data availability and may compromise personally identifiable information. As the popularity of the devices grows, so too does scrutiny. In March, a bipartisan group in Congress proposed the “Internet of Things (IoT) Cybersecurity Improvement Act of 2019” that would require that devices purchased by the U.S. government meet certain minimum security requirements.
They are vulnerable to the physical world
IoT devices are particularly vulnerable because they interact with the physical world differently than IT devices. For example, IoT devices can manage items such as heating coils, cardiac electric shock delivery, electronic door locks, unmanned aerial vehicle operation, servo motors, and robotic arms, the report said. This gives them ability to make physical changes to their environment and potentially endangering human safety.
They can be difficult to manage
IoT devices are often accessed, managed, and monitored differently than traditional devices. The report refers to IoT devices as “black boxes” that offer little visibility into their composition, software, and configuration. IoT devices commonly lack management features and interfaces, which can make it difficult to manage them.
No comments:
Post a Comment