California’s cybersecurity law for the internet of things (IoT) is now official. It was approved by California Governor Jerry Brown last week, more than a year after it was introduced as SB 327 in February 2018. It bears the distinction as the first IoT-related law enacted in the U.S., and now sets security standards for the manufacturing of connected devices.
The new law requires manufacturers of any connected device sold in California to equip its products with “reasonable” security features appropriate to “the nature and function of the device,” as well as to “the information it may collect, contain, or transmit.” It also sets standards on authentication features of the device.
Source: Trend Micro