Bill addresses IoT risks, cybersecurity training

Rep. Ro Khanna introduced Monday a measure designed to consider federal employee cybersecurity training and information on the risks of Internet of Things (IoT) devices.

“The Internet of Things Cybersecurity Training for Federal Employees Act will ensure that our federal workforce is aware of these vulnerabilities when using IoT devices at work and at home,” he said. “This simple bill does its part in modernizing our government into the 21st century.”

The Congressional Research Service (CRS) maintains IoT objects are potentially vulnerable targets for hackers, adding economic and other factors may reduce the degree to which such objects are designed with internal adequate cybersecurity capabilities.

IoT devices are small, often built to be disposable, and may have limited capacity for software updates to address vulnerabilities that come to light after deployment, per the CRS.

The measure would also create an Information Sharing and Analysis Center (ISAC) and make it easier for tech companies to exchange information about potential threats with each other and the government.

Officials acknowledge if Facebook catches a user trying to sow discord on their platform to interfere in an election, certain legal obstacles prevent them from informing other social media companies like Twitter or Google. The goal of the legislation is to ensure social media companies can tackle election interference in the same way banks can share information about fraudulent accounts.