How can policy makers address the IoT digital security challenge?
Jun 7, 2021 | 11:15 AM - 12:25 PM
Jun 7, 2021 | 11:15 AM - 12:25 PM
Description
According to various estimates, 2021 saw the number of Internet of Things (IoT) devices reach the milestone of 25 billion globally. From connected toys and appliances to cars and healthcare products, IoT devices are notoriously insecure and often lack basic security features such as an update mechanism. Too often, IoT supply-side actors lack a culture of digital security, which results in poor risk management practices. For instance, many of them do not have clear and transparent policies regarding vulnerability disclosure, security updates and their products’ end-of-life. This situation raises serious challenges for digital security, from the enrolment of IoT devices into massive botnets (e.g. as shown by the Mirai malware in 2016) to new risks related to user safety.
In many countries, policy makers are rising to the challenge and developing policies to enhance IoT security, from labels and certification to regulations such as ex ante legal requirements and stricter liability law for manufacturers.
This session will discuss how public policies can improve this situation. Key questions include:
• How can certification and labelling help enhance IoT digital security?
• How do we avoid the creation of a “global Internet of Forgotten Things”?
• Will consumer IoT safety risk be a game changer?
• How can digital security policies and requirements take into account the heterogeneity of IoT devices?