'Cyber Shield Act’ Aims To Establish Cybersecurity Standards for IoT Devices

The bill, introduced by Democratic legislators on Tuesday, would direct a committee to create security benchmarks and then give labels to products who meet those standards.

• By Haley Samsel
• Oct 24, 2019

Under a bill proposed by Democratic legislators in the House and Senate on Tuesday, a committee would establish “cyber benchmarks” for internet-connected devices posing security risks to companies and organizations.

IoT devices have been the subject of increased scrutiny as more workers use their personal laptops and cell phones to complete business tasks, many of which contain sensitive information. The Cyber Shield Act, reintroduced by Sen. Ed Markey of Massachusetts and Rep. Ted Lieu of California after it failed to gain traction in 2017, hopes to create a set of standards for the Internet of Things.

An advisory committee including cybersecurity experts from the federal government, business and academia would come together to develop the benchmarks. From there, products like baby monitors, printers, phones and computers can be manufactured to meet those benchmarks and earn a “Cyber Shield” label to show they have met the cybersecurity standards, The Hill reported.

“We can’t ignore data security while we encourage technological advancement in every sector of our lives,” Lieu said in a statement.

He added that the legislation would empower consumers to purchase products that keep their data safe and reward businesses who prioritize customer privacy. Multiple advocacy groups have endorsed the bill, including the Internet Association and Public Citizen. Software companies Rapid7 and Cybereason have also put their support behind the legislation, according to The Hill.

The massive growth of IoT devices and increasing reports of cybersecurity breaches were the main drivers behind the legislation. Some estimates project that there will be over 75 billion IoT devices in use around the world by 2025.

“The IoT will also stand for the Internet of Threats until we put in place appropriate cybersecurity safeguards,” Markey said in a statement. “By creating a cybersecurity certification program, the Cyber Shield Act will give consumers a seal of approval for more secure products, as well as encourage manufacturers to adopt the best cybersecurity practices so they can compete in the marketplace for safety."