Experts to Congress: You must act on IoT security. Congress: Encourage industry to develop best practices, you say?
Congress provided a masterclass in selective hearing Wednesday when urged by experts to do something about the increasing risk posed by poor IoT security.
At a session of the House's Energy and Commerce Committee into last month's attack on DNS provider Dyn that caused widespread disruption to online services, several security experts highlighted the main problem as a lack of security standards and urged Congress to act. Their pleas were repeatedly rebuffed.
Chief security officer of Level 3, Dale Drew, warned representatives that "the current lack of any security standards for IoT devices" was a big part of the problem, and said IoT manufacturers needed to "embrace and abide by additional security practices to prevent harm to users and the internet." He argued that "there may be a role for the government to provide appropriate guidance."