While the recently passed IoT Cybersecurity Improvement Act of 2020 may only apply to Internet of Things (IoT) devices purchased by the federal government, lawyers say it may become a de facto IoT cybersecurity baseline for the private sector. 

After previous IoT cybersecurity bills fizzled, on Dec. 4, 2020, the IoT Cybersecurity Improvement Act was signed into law. The measure placed a 90-day deadline on the National Institute of Standards and Technology’s (NIST) to develop and publish standards and guidelines for the federal government’s use and management of IoT devices. After NIST submits its guidelines, the Office of Management and Budget (OMB) has roughly six months to review and enact those standards. NIST is required to review and potentially revise its guidelines at least every five years, according to the law.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]