Over the last several years, the internet of things (IoT) has not only come to pervade our home life, but our work life as well. A smart thermostat adjusts office temperatures based on changes in the weather, and the vending machine in the hall issues an alert when it needs to be refilled. Yet the increase in comfort and ease does not offset the massive risk these devices still pose to the security of an organization.
California has taken steps to reduce this risk, and on January 1, 2020, the state’s new IoT Security Law will go into effect, which is the first of its kind, not only in California, but in the entire U.S. It mandates that all IoT devices sold in the state must also have “reasonable cybersecurity measures” embedded. Yet the question remains: What is reasonable?
via Council Post: California’s IoT Security Law: Why It Matters And The Meaning Of ‘Reasonable Cybersecurity’.