A bill to provide minimal cybersecurity operational standards for Internet-connected devices purchased by Federal agencies, and for other purposes
Internet of Things (IoT) Cybersecurity Improvement Act of 2017
This bill requires Internet-connected devices purchased by federal agencies to meet specified security requirements, including requirements that the devices (1) do not contain known security vulnerabilities or defects; (2) rely on software or firmware components capable of accepting properly authenticated and trusted updates from the vendor; (3) rely only on non-deprecated industry-standard protocols and technologies for certain functions; and (4) do not include fixed or hard-coded credentials.
Referred to the Committee on Oversight and Government Reform, and in addition to the Committee on Science, Space, and Technology, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
Introduced in Senate
Read twice and referred to the Committee on Homeland Security and Governmental Affairs.
checking server…
Ask anything about this bill. The AI reads the full text to answer.
Enter to send · Shift+Enter for new line