California leads in IoT cybersecurity - Tosibox meets SB-327 requirements
Contact us Subscribe

California leads in IoT cybersecurity

Bill Behn, President, Tosibox, Inc.

Cyber security threats are unlikely to decrease in the new decade. According to the Israeli security firm Check Point Security, attacks on critical infrastructure such as power grids and water distribution systems are identified as major threat targets.

The increase in the amount of data and in the interdependencies it generates has been exponential. The network company Juniper estimates that this year the Internet of Things will comprise a total of more than 38 billion devices. This year, more than half of new big businesses and processes will somehow relate to the Internet of Things (IoT).

Although cybersecurity guidelines and standards exist in the field, they are not mandatory and are too often viewed as just “good ideas”. With product development and sales booming, security has remained the responsibility of users in both the consumer and industrial markets. Despite the need to secure devices, we see all too often the “concept” of cybersecurity is daunting or overwhelming and therefore gets placed firmly on the back burner as controls engineers continue to “whistle past the graveyard”.

Forerunners increase regulation

In Finland, for instance, the Finnish Transport and Communications Agency has launched a cybersecurity label for products. This label is to be used in smart consumer products (so-called IoT devices) that can be connected to the internet. In the United States, the State of California has gone one step further.

The State of California has long been at the forefront of technology legislation. If California were a state it would be the world’s fifth largest global economy. California’s Silicon Valley is home to the spearhead of global technology development, with companies such as Apple, Cisco and Google headquartered there. As of this month (January 2020), California’s groundbreaking IoT law has come into reality, requiring all equipment sold in California is to be properly secured and labeled.

Regulation is the first step

The law is revolutionary: it applies to every device that has a network connection. The connection can be Bluetooth or IP-based. The law requires that each device has ”reasonable” cyber security features.

The law has already been criticized for being loosely formulated, not going far enough and not having clear consequences for non-compliance.

Only time will tell, but despite possible shortcomings California is an absolute pioneer in an area of grave concern for everyone. If manufacturers are not in a position to take responsibility for regulating the industry, then someone has to. Indeed, it is to be expected that this type of legislation will increase globally in the next few years, as governments try to prevent cybersecurity disasters, protect consumer rights and ensure data privacy.

If we fail to secure the Internet of Things, the consequences can be catastrophic. The examples are well known and growing. In the Ukraine, power distribution was interrupted, while the logistics giant Maersk suffered costs of hundreds of millions due to ransomware infiltrating its systems. In 2014, the German cyber security authority reported a case where a German steel mill was sabotaged by a cyber-attack.

Tosibox meets SB-327 requirements

Many of these unfortunate chains of events could have been preventable, and quite easily too. TOSIBOX® technology for secure IoT connectivity, remote maintenance and easy network management is based on physical-first multi-factor authentication, automatic security updates and the latest encryption technology. We have secured connectivity to devices in more than 120 countries and counting.

TOSIBOX® is infinitely scalable, making it a cost-efficient solution that grows as you grow, whether you operate in factories, office networks, smart buildings, smart traffic or any other environment where business critical information flows and systems need to be protected. The solution is configuration-free, and all devices can be securely connected in a matter of minutes.

The globally patented TOSIBOX® technology offers first class security and helps fulfill all requirements of the California law.

In California we have many value added resellers and system integrators ready to help you gain SB-237 compliance. Find a reseller near you >

“California is an absolute pioneer in an area of grave concern for everyone.”

Bill Behn, President, Tosibox, Inc.