The Internet of Things promises to revolutionise the way people, devices and data interact on a global scale enabling us to enhance our lives and make our surroundings ‘smart’.
As the industry reaches maturity, many governments around the world are stepping up initiatives to enable them to leverage and harness the potential of this new connected society. The US Department of Commerce and the National Telecommunications and Information Administration are now seeking to define government’s role in supporting, promoting and regulating IoT and in support of this, Microsoft recently filed comments on the benefits, challenges, and potential roles for the government in fostering the advancement of IoT.
The comments highlight that any government approach to IoT should address a number of critical issues, including cybersecurity, “notice and consent”, globally-relevant IoT standards and alignment with other countries’ IoT strategies and international trade commitments.
“Governments have an important role in ensuring that IoT innovations continue,” says Paul Nicholas, senior director of Trustworthy Computing at Microsoft. “Microsoft looks forward to continuing to work with NTIA to address the benefits and challenges of IoT in the future.
Support Trust
Microsoft’s comments encourage policymakers to more broadly support efforts that will advance consumer and enterprise trust in IoT technology and help IoT realize its full potential. The government should encourage initiatives that recognize and emphasize the following:
● Best practices for IoT cybersecurity that are appropriately scoped to the roles of different actors in the IoT ecosystem.
● Modernization of traditional privacy frameworks, such as the “notice and consent” framework to increase the focus on transparency, context, and consumer expectations for scenarios where notice and consent are impractical.
● Support for industry-led efforts to develop open, voluntary, consensus-based, and globally-relevant standards that promote innovation and preserve interoperability, to ensure new IoT systems and legacy technology systems can work together.
● International engagement that takes into account other countries’ IoT strategies and initiatives as well as international trade commitments.
To put these policy priorities into action, Microsoft offered three recommendations for the government:
Create an IoT interagency task force
This task force can coordinate with existing organizational bodies to foster balanced perspectives between security, economic benefits, and potential risks. Participants from across government agencies would set milestones for completion, particularly focusing on 1) direct the update of federal strategic documents to consider the security aspects of the explosive growth and reliance on IoT; 2) direct the update of existing awareness and training programs; 3) encourage and incentivize academia to develop curricula focused on IoT and security challenges; and 4) encourage engagement in appropriate international forums for standards and policy development.
Convene and facilitate a government and industry standing body
Through a public-private standing body, key stakeholders can coordinate, collaborate and leverage the various industry IoT consortia to develop, update, and maintain IoT deployment guidelines to manage cybersecurity implications and risks. This body would adopt an international perspective that takes into account the significant work on IoT-related standards outside of traditional channels in standards development organizations.
Review current research and development investments and recommend future R&D funding for fundamental IoT security and cyber-physical security research
The Office of Science and Technology Policy should review R&D funding and investments, specifically for fundamental IoT and cyber-physical security research and help ensure the R&D projects are addressing evolving cybersecurity challenges.
Microsoft also published the Securing Your Internet of Things from the Ground Up whitepaper detailing IoT Security Strategy. Earlier this year the company debuted Azure IoT Hub device management and the Azure IoT Gateway SDK, making it significantly easier for customers to manage their IoT deployments.
Find out more about Microsoft’s IoT vision at www.InternetofYourThings.com
