
There are significant risks involved with having so many of these things connected to one another and the internet without a lot of consumer understanding and very little standardization to really help us navigate this.On government’s role in regulating IoT security:
We know already that hackers have co-opted internet-connected devices that have had little or no security and then turned those devices into cyberweapons.If you just leave it up to the market to eliminate unsecured devices or raise standards, that's not going to be a short-term or long-term solution...I think it's so important that we come together and set some standards here… also raise consumer awareness about what they need to do to ensure that their IoT devices can't be weaponized. What's really important to balance here is the need to spur innovation in this space with the need to make sure that there are standards in place to protect people.On tech companies’ willingness to work with Congress on IoT security:What the companies are beginning to understand is that our networks and our data are only as secure as the weakest link in the chain. And so, if you just leave it up to the market to eliminate unsecured devices or raise standards, that's not going to be a short-term or long-term solution.I am encouraged by the kind of constructive dialogue that we've been able to have with industry, and again, encouraged that there's bipartisan attention to this, which should help us continue that kind of constructive dialogue with industry.What you're seeing now is a recognition by tech companies that some of their approach to innovation and development has had a series of unintended consequences...It's our job to make them aware, as well as consumers, that we really do have threats we have to address.On consumer awareness of IoT security:It is really important that consumers are aware that the products they purchase actually have internet connectivity, and I think there are a fair number of consumers who may not understand that.It's the job of the producers to make clear to consumers that their devices are internet-connected, and include instructions about how to change these passwords and take other very simple security measures...The federal government has a role to play in strengthening awareness of internet connected devices, so that consumers can recognize the devices and what they need to do in order to maintain good cyber hygiene.