DHS Developing IoT Security Framework of Principles
Agency official Robert Silvers urges the industry to develop long-term solutions while also taking actions to address short-term challenges.CAMBRIDGE, Mass.—All players involved in the issue of security and the internet of things need to accelerate the work they're doing, according to an official with the Department of Homeland Security. Speaking to attendees of the Security of Things Forum 2016 here Sept. 22, Robert Silvers, assistant secretary for cyber policy for DHS, said improving security in the fast-growing internet of things (IoT) is going to be a long-term issue, but that along the way there will continue to be issues in the near term that have to be addressed immediately. Procrastinating on dealing with those short-term challenges will only make the problems grow larger and more complex, Silvers (pictured) warned. "I want to call on everyone to accelerate what you're doing," he said. "This isn't easy stuff and there needs to be a lot of development problems. … I encourage people to start tackling those now because they're only going to get harder." Silvers was one of almost a dozen speakers and panelists of the day-long annual event, which looks to address the perplexing problem of how to bring security to the wide-open and varied field that is the IoT. Vendors and industry analysts expect the number of connected devices, systems and sensors to grow rapidly in the coming years, with predictions of the number of connected devices worldwide hitting 50 billion by 2020. The IT security field is continuing to wrestle with a broad array of challenges, from how to implement security in a vast and growing attack surface created by all those devices to how to secure the massive amounts of data those devices are generating.
The agenda for the event was replete with security experts from a range of vendors, including such top-tier players as Intel and IBM, as well as security officials from companies. However, Silvers said the government, in general, and DHS, in particular, have significant roles to play in the effort to secure the IoT. He pointed to plans that have been developed by such government agencies as the National Institute of Standards (NIST), Food and Drug Administration (FDA) and Federal Trade Commission (FTC) as examples. Silvers also noted the Department of Transportation's (DOT's) guidelines for connected and autonomous vehicles released this week, and lauded efforts by standards bodies in developing procedures.