Despite the uncertainty around tech policy in a Trump Administration and a Republican-controlled Congress, the need for better Internet security might be one issue that both parties can agree on. In light of a cyberattack that took down Internet services such as Netflix and Twitter last month as well as security attacks on connected devices, the House Communications Subcmte and Commerce Subcmte held a joint hearing Wed to understand the role of IoT devices.

Regulatory intervention might be inevitable moving forward, said witness Bruce Schneier, adjunct lecturer at the Kennedy School of Government at Harvard University. “If we want to secure our increasingly computerized and connected world, we need more government involvement in the security of the Internet of Things and increased regulation of what are now critical and life-threatening technologies. It’s no longer a question of if, it’s a question of when,” he told the lawmakers. He proposed minimum security standards on IoT manufacturers, which would force them to make their devices secure. And “most importantly, the government needs to resist the urge to deliberately weaken the security of any computing devices at the request of the FBI.

Devices like smart phones are becoming the de facto digital hub where we control many of our Internet of Things devices,” he said. Schneier, also a fellow at Berkman Klein Center at Harvard that focuses on cyberspace issues, warned that attempts to weaken encryption will make cyberattacks easier and more damaging. “Invest in FBI cybersecurity expertise, not back doors. Regardless of what you think about regulation vs. market solutions, I believe there is no choice. Governments will get involved in the IoT, because the risks are too great and the stakes are too high,” he said. Private companies are not always fans of government intervention, but Dale Drew, svp/chief security officer at Level 3, said there may be a role for the government to provide “appropriate guidance” and “it will be imperative for all relevant stakeholders to continue to work collaboratively to address and mitigate IoT security risks.”

Greg Walden(R-OR), head of the Communications Subcmte, asked how to create a national security framework for connected devices. The best place to start is standards, said Drew, pointing to the lack of any security standards for IoT devices. In particular, IoT makers and vendors should “embrace and abide by additional security practices to prevent harm to users and the Internet,” he said. Kevin Fu, CEO at Virta Labs and an associate professor at University of Michigan, advocated for built-in security for connected devices. “If cybersecurity is not part of the early design of an IoT device, it’s too late for effective risk control,” he said. And it will be difficult to ensure security features are built-in unless there are standards and principles set in place, he said. Cybersecurity measures should be included in national legislation, since the Internet is part of our national infrastructure, according to Anna Eshoo (D-CA). While Walden cautioned that government mandates could potentially stifle innovation, he said cybersecurity is a bipartisan matter that legislators from both sides of the aisle would want to address.

The Daily

Subscribe

Levin Reads Tea Leaves on Starlink’s Place in BEAD

New Street Research analyst and Brookings nonresident senior fellow Blair Levin has been peppered with all sorts of questions about Donald Trump’s second term as president.

Read the Full Issue
The Skinny is delivered on Tuesday and focuses on the cable profession. You'll stay in the know on the headlines, topics and special issues you value most. Sign Up

Calendar

Apr 16
Cablefax 100 Awards Nominations Open November 13th, 2024.
Full Calendar

Jobs

Seeking an INDUSTRY JOB or hiring for one?
VIEW JOBS

In conjunction with our sister brand, Cynopsis, we are offering hiring managers a deep pool of media-savvy, skilled candidates at a range of experience levels and sectors. The result will be an even more robust industry job board, to help both employers and job seekers.

Contact Carley Ashley, [email protected], for more information about posting a job on the website and our Jobs newsletter, sent twice weekly to 85,000 media professionals.