The IoT Cybersecurity Improvement Act would require the National Institute of Standards and Technology to set best practices for device security. The Office of Management and Budget would then create guidance for agencies to meet or exceed those standards.
The bill would also require the Department of Homeland Security to publish guidance on coordinated vulnerability disclosures for contractors and vendors.
The lawmakers behind this effort – Reps. Will Hurd (R-Texas) and Robin Kelly (D-Ill.), along with Sens. Mark Warner (D-Va.) and Cory Gardner (R-Colo.) – have spent more than three years trying to get this bill over the finish line.