The Internet of Things Cybersecurity Training for Federal Employees Act would require federal employees to receive IoT cybersecurity training.
Cybersecurity training is finally getting the attention it deserves. Newly proposed legislation is starting to work its way through Congress.
Specifically, Rep. Ro Khanna, D-Calif, introduced legislated designed to improve federal employees’ understanding and enforcement of IoT security. The Internet of Things Cybersecurity Training for Federal Employees Act would require Congress to direct the Office of Management and Budget to require federal employees receive cybersecurity training and information on the security risks of IoT devices, which are defined as everyday devices that are connected to the internet, such as cars, smartwatches, and smart home appliances. Unfortunately, many IoT devices still do not come with strong security and are difficult to patch after the fact.
“The [bill] will ensure that our federal workforce is aware of these vulnerabilities when using IoT devices at work and at home,” Khanna said in anannouncement. “This simple bill does its part in modernizing our government into the 21st century.”
According to the Congressional Research Service (CRS), “IoT objects are potentially vulnerable targets for hackers. Economic and other factors may reduce the degree to which such objects are designed with adequate cybersecurity capabilities built in. IoT devices are small, are often built to be disposable, and may have limited capacity for software updates to address vulnerabilities that come to light after deployment.”
Rep. Khanna has also sponsored legislation requiring the Bureau of Economic Analysis to study the effects of broadband adoption and deployment on the U.S. economy and legislation to advance the Department of Homeland Security’s (DHS) Continuous Diagnostics Mitigation (CDM) program. He’s also working on legislation to address election interference on social media platforms.