IoT has gone mainstream. Home refrigerators are chattier than ever, and emerging virtual home assistants can order wings for dinner, turn on lawn sprinklers, start the car and purchase pounds of cookies. Yet behind the headlines of these gee-whiz cyber technologies lurks a shortcoming. It is one that poses significant threats to national security but could be remedied fairly easily, some experts offer.
The mobile device and sensor industries lack uniform security standards and a system of checks and balances—something akin to the safety standards for electrical devices and components offered by the global safety consulting and certification company UL, formerly Underwriters Laboratories.
“You can’t sell a blender at Macy’s without it having the Underwriters Laboratories stamp on it,” signals Kevin Kelly, CEO of LGS Innovations, which researches, develops and deploys networking and communications solutions for government and commercial organizations. “They’ve published standards that say, in order for this to be considered safe, you [the] manufacturer must meet the following standards, and you must have your own internal inspection team that tests these devices.
“The same does not apply for Internet-connected devices. It’s really left the door wide open for bad actors, bad practice and people being careless with developing devices.”