[iot-discussion] Proposed US legislation
- Previous message (by thread): [iot-discussion] Proposed US legislation
- Next message (by thread): [iot-discussion] Proposed US legislation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Michael Oghia
mike.oghia at gmail.com
Fri Aug 4 16:03:23 CEST 2017
Hi Gordon, Based on this points, I think it's a very prudent and reasonable piece of policy. I suppose the relevant institutions within the EU would be the European Commission and perhaps Europol. Best, -Michael __________________ Michael J. Oghia Independent #netgov consultant & editor Belgrade, Serbia Skype: mikeoghia Twitter <https://www.twitter.com/MikeOghia> *|* LinkedIn <https://www.linkedin.com/in/mikeoghia> On Fri, Aug 4, 2017 at 4:00 PM, Gordon Lennox <gordon.lennox.13 at gmail.com> wrote: > "Specifically, the *Internet of Things (IoT) Cybersecurity Improvement > Act of 2017* would: > > - Require vendors of Internet-connected devices purchased by the > federal government ensure their devices are patchable, rely on industry > standard protocols, do not use hard-coded passwords, and do not contain any > known security vulnerabilities. > - Direct the Office of Management and Budget (OMB) to develop > alternative network-level security requirements for devices with limited > data processing and software functionality. > - Direct the Department of Homeland Security’s National Protection and > Programs Directorate to issue guidelines regarding cybersecurity > coordinated vulnerability disclosure policies to be required by contractors > providing connected devices to the U.S. Government. > - Exempt cybersecurity researchers engaging in good-faith research > from liability under the Computer Fraud and Abuse Act and the Digital > Millennium Copyright Act when in engaged in research pursuant to adopted > coordinated vulnerability disclosure guidelines. > - Require each executive agency to inventory all Internet-connected > devices in use by the agency." > > https://www.warner.senate.gov/public/index.cfm/pressreleases?id=06A5E941- > FBC3-4A63-B9B4-523E18DADB36 > > The legislation does not try and define “things” and instead uses the term > “Internet-connected devices”. I think this is a good approach. > > It is though limited to devices purchased by the Federal government and so > does not include devices bought by companies and/or consumers. > > Various US agencies are seen as having a role. Which would be the > equivalent agencies in the EU? > > Gordon > > > _______________________________________________ > iot-discussion mailing list > iot-discussion at ripe.net > https://lists.ripe.net/mailman/listinfo/iot-discussion > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.ripe.net/ripe/mail/archives/iot-wg/attachments/20170804/58273126/attachment.html>
- Previous message (by thread): [iot-discussion] Proposed US legislation
- Next message (by thread): [iot-discussion] Proposed US legislation
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ iot-wg Archives ]