The ever-increasing number of devices connected to the network has become a key pain point for all cybersecurity teams. There’s a never-ending list of devices to protect — whether it’s video doorbells, broadband routers or even cars and traffic lights. Successful attacks on these devices could lead to chaos for individuals and the general population. For example, what would a consumer do if there was a grocery delivery of 200 bottles of milk because their fridge got hacked and ordered it from the supermarket? Devices seem to be getting smarter, but the reality is that some just aren’t being designed for our new world from a security perspective.
For many, security is simply about having a password. Many people use the same password across multiple devices which has obvious flaws. I firmly believe that there are thousands, if not millions, of routers, switches and firewall devices that exist in corporate environments that have the same password as it was shipped with from the factory.
Whilst this bill is a step in the right direction – ensuring transparency for companies to fix security flaws will increase accountability and must lead to better software testing before a product is unleashed to the public. But, there is still much to be done to ensure it is effective. Even if it means introducing fines or damages that would force manufacturers to pay attention to better application quality. Cybersecurity cannot be an afterthought when manufacturing new IoT devices and organisations need various tools and steps in place to authenticate users, limit access and boost visibility across the entire network. Zero Trust is the most effective solution to protecting IoT devices.