The Internet of Things Cybersecurity Improvement Act of 2020 is the first U.S. federal law addressing IoT security. The act requires that federal agencies only procure devices that meet minimum cybersecurity standards and establishes a vulnerability reporting and notification program. The legislation has been in the making for at least three years, met no opposition from lawmakers. Two states already have IoT legislation, California’s SB-327 and Oregon’s IoT law, which also went into effect in January, is similar to California’s. The law sets in motion a series of deadlines for the National Institute of Standards and Technology.”]
Source: https://www.cuinfosecurity.com/first-federal-iot-security-legislation-becomes-law-a-15539