recommended reading

What the White House Cybersecurity Plan Says About the Internet of Things

a-image/Shutterstock.com

The White House’s new national action plan on cybersecurity, released earlier this month includes a nod to the so-called smart home -- and the vulnerabilities that could accompany an increasingly connected network of sensors, devices and appliances.

It’s among the first times the White House has acknowledged the risks the Internet of Things could pose to consumers and a formal signal the administration is broadening its view of potential attack targets to include everyday devices, according to Gartner analyst Mark Hung.

For the past year, Congress has been convening hearings and discussions related to the Internet of Things, covering various topics including the potential economic benefit to American businesses, privacy concerns for consumers, and encryption of personal data.

In the plan, the White House notes the Department of Homeland Security is working with Underwriters Laboratories, a security certification company, to create a Cybersecurity Assurance program that could evaluate connected devices for safety vulnerabilities before consumers buy them. These “things” might include “refrigerators or medical infusion pumps,” the plan said.

It doesn’t necessarily mean the White House and DHS plan to devote disproportionate resources to protecting consumers’ kitchenware, Hung said.

“Attackers, they value their time, too," Hung said. "They’re going to pick the most valuable asset to attack. In most cases it’s not going to be people’s washers or refrigerators. Hackers may not be interested in hacking your refrigerator, but they may be interested in attacking the president’s refrigerator or a Fortune 500 CEO’s.”

Still, “despite the mention of the refrigerator thing, I think the vast majority of DHS’ concern is with the commercial and industrial [applications],” Hung said. “Whether it’s energy generation, whether it’s manufacturing, whether it’s overall infrastructure."

As attack points proliferate, “obviously, the government feels that there is a role that it needs to play in helping secure” that rapidly growing network, he said.

In January, DHS issued a call to startups in the private sector who have technology that can detect devices and sensors in the Internet of Things and also verify or authenticate them. The Internet of Things "allows every node, device, data source, communication link, controller and data repository ... to serve as a security threat and be exposed to security threats,” that notice said.

Correction: An earlier version of this article misidentified Mark Hung's employer. He is an analyst with Gartner. 

(Image via /Shutterstock.com)

Threatwatch Alert

Software vulnerability

Malware Has a New Hiding Place: Subtitles

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.