Oregon has recently passed a new cybersecurity statute, joining California in requiring manufacturers of “connected devices” to equip qualifying technology with “reasonable security features.” The new law will go into force on January 1, 2020. For further analysis, visit our recent client alert.
Cheryl A. Falvey
NIST Surveys and Assesses Broad Landscape of IoT Cybersecurity Standards in Interagency Report
Following a draft Interagency Report published in February, the National Institute of Standards and Technology (“NIST”) has published NISTIR 8200: Interagency Report on the Status of International Cybersecurity Standardization for the Internet of Things (IoT), which seeks to assess the “current state of international cybersecurity standards development for IoT.” In this effort, the Report defines the major areas where IoT is currently being used and evaluates various IoT cybersecurity standards commonly applied in those areas. To evaluate the surveyed IoT standards, the Report relies on a framework that breaks the standards down into twelve core areas, each of which designates a distinct, common element of cybersecurity measures.
Where IoT is Being Used the Most
To help evaluate the current understanding of cybersecurity risks involved in IoT applications and the methods used to measure them, the Report overviews major IoT technologies and how they are deployed. It then breaks down the network-connected devices, systems, and services comprising IoT into five major categories of application, explaining the common components of each:…
Continue Reading NIST Surveys and Assesses Broad Landscape of IoT Cybersecurity Standards in Interagency Report
New Internet of Things (IoT) NIST Draft Publication Provides Welcomed Guidance
Responding to the rise of interconnected technology, the National Institute for Standards and Technology (NIST) has recently issued an introductory document in a planned series of cybersecurity publications addressing Internet of Things (IoT) privacy risks. Open for comment through October 24, 2018, the Draft NISTIR 8228, Considerations for Managing Internet of Things (IoT) Cybersecurity and…
Report on the Autonomous Vehicle Safety Regulation World Congress 2017
The big takeaways from The Autonomous Vehicle Safety Regulation World Congress centered on the importance of a federal scheme for AV regulation and the reality of the states’ interest in traditional issues such as traffic enforcement, product liability, and insurance coverage. In keeping with those messages, the World Congress kicked off with NHTSA Deputy Administrator and Acting Director, Heidi King, speaking about NHTSA’s goals and interest followed almost immediately with wide participation from the states including California, Michigan, and Pennsylvania, among others.
Deputy Administrator King emphasized NHTSA’s desire to foster an environment of collaboration among all stakeholders, including the states. Ms. King emphasized that safety remains the top priority at NHTSA. NHTSA has provided some guidance, and looks forward to hearing from stakeholders about the best way to support and encourage growth in autonomous vehicles. NHTSA wants to provide a flexible frame work to keep the door open for private sector innovation. It is necessary to build public trust and confidence in the safety of autonomous vehicles, and that can only accomplished by all stakeholders working together.
NHTSA is working on the next version of AV guidance, having already issues its 2.0 version, with an expected release of 3.0 in 2018. The guidelines will remain voluntary, but NHTSA is ready to support entities as they try to implement the voluntary guidance. Working with the states, DOT, OEMs, and other stakeholders, NHTSA hopes to continue to be flexible and allow for rapid changes. Later in the conference lawyers emphasized the importance of compliance with the guidance in minimizing liability particularly in no-fault states such as Michigan.
Dr. Bernard Soriano, deputy director, California Department of Motor Vehicles, similarly confirmed that California’s overarching interest in regulating AV is the safe operation of vehicles on its roadways. In summarizing California’s recent October 11, 2017 release of revised regulations, he emphasized that “change happens fast,” and that the state is pleased to now be close to allowing completely driverless testing. He recognized the federal preemption on the design of the vehicle and its crashworthiness and emphasized the state’s interest in the operation of the vehicles and compliance with state traffic laws.
Continue Reading Report on the Autonomous Vehicle Safety Regulation World Congress 2017