David O'Brien comments on the recently unveiled Internet of Things (IoT) Cybersecurity Improvement Act of 2019.
"Although the bill falls short of a full-blown regulatory or liability regime for IoT security, it could make some significant strides towards ratcheting up the status quo not just for government agencies but for the general public, too. The theory of change is that by catalyzing adoption of NIST standards by requirement for a small slice of the private sector, those standards become a norm to which more vendors will voluntarily adhere because they hope to sell their products to government agencies in the future or because it is fashionable."