Growing national dependency on internet of things requires swift action on security front, DHS official says Credit: Bob Brown/NetworkWorld U.S. Department of Homeland Security’s Robert Silvers says his purpose in speaking at the Security of Things Forum in Cambridge on Thursday wasn’t to scare anyone, but then he went ahead and called on everyone in the room to “accelerate everything you’re doing” to secure the internet of things. As the Assistant Secretary for Cyber Policy at DHS says, IoT security is a public safety issue that involves protecting both the nation’s physical and cyber infrastructures.Acknowledging a growing national dependency on the internet of things, be it in the medical, utility or transportation fields, Silvers says IoT has his department’s full attention. And a straightforward undertaking it is not, he says.MORE: 7 cool Internet of Things companies to watch“The challenge of addressing IoT security on the front end is outweighed only by the far greater challenge of trying to bolt on or patch on security on the back end once an ecosystem is deployed,” he says. “So we all need to think about what we can do right now to get this architecture built the right way.” Long-term and parallel short-term solutions are needed, says Silvers, who adds that DHS is attempting to synch its efforts with ongoing work by NIST (Cyber-Physical Architecture), the Food & Drug Administration (on medical device security), the Department of Transportation (autonomous vehicles) and in the private sector.More specifically, DHS is formulating a series of unifying principles – and best practices — relating to IoT security, including how to patch stuff that’s already in the field and not relying on an unsustainable physical recall process. Building security into the cloud will also be an option. While much of this will wind up being non-technical and just plain common sense for those who work full time in the security industry, awareness needs to be ratcheted up in the mainstream, Silvers says (he didn’t specify when the principles would be released, only that it would be after lots of “extensive consultation” with industry stakeholders). “The undeniable fact is that there are companies out there that are not accountable for these best practices and approaches,” he says. “The undeniable fact is that there is product being pushed to market right now that has not benefited from best practice security planning.”The feds will be pushing for everyone from manufacturers to consumers to tech vendors to share IoT security approaches with each other, keeping in line with a broader effort by the Obama administration on information security sharing.Not that this is a U.S.-only issue, of course, Silvers says. “Everything in cybersecurity is transnational, but IoT especially so,” where you might have a device designed in the United States, built in China and deployed in Germany. “It’s a global issue,” he says, and coming up with policies to secure the disaggregated world of IoT will require serious diplomatic efforts. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe