In response to comments on the National Telecommunications & Information Administration (NTIA) IoT Request for Comment (RFC) and the Stakeholder Engagement on Cybersecurity in the Digital Ecosystem RFC in 2015, NTIA held a workshop on “Fostering the Advancement of the Internet of Things” September 1. The workshop continued the process of gathering stakeholder input, which will be used to develop the Department of Commerce/NTIA IoT Green Paper, expected to be released later this fall. The Green Paper will make policy recommendations for the next Administration and Congress.
During the workshop, panelists drilled down on the importance of using the NIST Cybersecurity Framework for the IoT and emphasized public-private coordination on IoT security and a light regulatory touch. There was also discussion of coordinating IoT standards and best practices across sectors and regulatory frameworks in order to reduce fragmentation.
Also in response to comments filed on the IoT RFC and the cybersecurity RFC in 2015, NTIA announced a new multistakeholder process to support better consumer understanding of IoT products that support security upgrades. Specifically, NTIA identified promoting transparency how patches or upgrades to IoT devices and applications are deployed. Potential outcomes could include a set of common, shared terms or definitions that could be used to standardize descriptions of security upgradability or a set of tools to better communicate security upgradability.