California Signs A New IoT Cyber Security Law

California has now become the first state to sign a cybersecurity law covering “smart” devices. The bill, SB-327, was introduced in the State Senate last year and was signed by a Californian Governor Jerry Brown this year in late August.

Under the law, every manufacturer would have to equip their devices with certain security features if their devices are directly or indirectly connected to the internet from January 1, 2020. This will make the information stored in the devices safer and unauthorized access and modification would be avoided.

With a constant increase in cybercrime rates, it has become crucial for authorities to make a change with developments that can make an actual difference and California is as close to it as one can get. Bruce Schneier, a security technologist at Harvard Kennedy School, told The Washington Post, “A California law that manufacturers have to adhere to in California is going to help everybody, Of course, it probably doesn’t go far enough — but that’s no reason not to pass it. It’s a reason to keep going after you pass it.”

Despite the support, many are criticizing it as well. in his recent blog. Robert Graham said, “this law is based upon an obviously superficial understanding of the problem. It, in no way, addresses the real threats but at the same time, introduces vast costs to consumers and innovation. Because of the changing technology with IPv4 vs. IPv6 and WiFi vs. 5G, such laws are unneeded: IoT of the future is inherently going to be much more secure than the Mirai-style security of the past” in his blog titled “California’s bad IoT law”.

Read more about the bill here.