People Power introduced a software stack for telecommunications companies designed to enable quick connection, engagement, delivery and management of IoT projects. The People Power IoT Suite offers white-label security, energy and home care services, said the company in a Monday announcement. The suite has four sections: Presto, an open-source software development kit and open application programming interfaces that allow manufacturers to quickly enable IoT devices with hosting; the Virtuoso mobile and web app framework for iOS, Android and Web; the Symphony cloud analytics service that connects to social networks; and Maestro, a command center that enrolls and supports end users, said the company. People Power worked with Stanford ChangeLabs and consumer behavior experts to develop the IoT Suite, which it said has a “people-first effect” that makes possible “large-scale transformational behavior changes that engage communities.”

Thursday's NTIA workshop on fostering IoT growth will build on comments the agency received in the spring on the strategic role for government in this effort. The 9 a.m.-3 p.m. workshop will have discussions on privacy and security implications and technological barriers for IoT implementation and help provide input for the Commerce Department's upcoming green paper on IoT. Among speakers are former FTC Commissioner Julie Brill, now a Hogan Lovells attorney, Commerce Director-Digital Economy Alan Davidson, Information Technology Industry Council President Dean Garfield, Patent and Trademark Office Deputy Director Russell Slifer and NTIA Administrator Larry Strickling. The webcast event will be held at the PTO office, 600 Dulany St., Alexandria, Virginia. The National Institute of Standards and Technology held a two-day workshop Tuesday and Wednesday on the trustworthiness of IoT and cyber-physical systems. In a blog post Tuesday, the White House Office of Science and Technology Policy said both workshops are part of a larger effort the Obama administration is taking to ensure that innovation, privacy and safety are considered in expanding the IoT market. Other activities include a Department of Homeland Security collaboration with industry to develop a cybersecurity assurance program, two federal interagency working groups' examinations of IoT R&D and a $160 million smart cities initiative to help communities use IoT and other technologies to improve traffic congestion, pollution, crime and other challenges.

About 30 percent of respondents in a poll of more than 220 information security professionals who attended the Black Hat hacker conference nearly a month ago said their organizations are prepared for IoT-related security risks, said security company Tripwire in a Thursday news release. Twenty-seven percent said their organizations weren't prepared, 37 percent said their organizations will soon be prepared and 5 percent weren't concerned about IoT security risks, the company's poll found. Fifty-two percent didn't think their organizations accurately tracked the number of IoT devices on their networks, while 34 percent said their organizations did a good job. Plus, 78 percent said they were concerned about IoT devices being "weaponized" in distributed denial-of-service attacks. Only 11 percent ranked DDoS attacks as one of the top two security threats their organization face. Phishing, cyberespionage, ransomware and insider threats were the other risks that were cited more frequently, Tripwire found. About half of the respondents said IoT devices on their networks will increase by at least 30 percent next year.

The government should avoid one-size-fits-all rules and a “compliance mindset” on mobile security, CTIA said in a Department of Homeland Security filing. The group responded to a request for information from DHS and the Enterprise Mobility Program at the General Services Administration. “Security is a top industry priority,” CTIA said. “Industry is making significant investments, and the entire ecosystem works tirelessly to innovate and advance security.” As 5G and the IoT take off, “new approaches will emerge as industry aggressively innovates for security,” the association said. “Technology must advance at a very rapid pace … to address threats. Security needs often outpace standards bodies, as companies must monitor, protect, diagnose, and fight potential cyberattacks in real time.” CTIA said “flexibility and vigilance” are vital in a “changing threat landscape.”

NTIA sought comment Thursday on factors influencing industry adoption of IPv6, amid the near-complete exhaustion of IPv4 addresses. Though adoption of IPv6 is increasing, only 32 percent of U.S. internet services are IPv6-capable, said NTIA Office of International Affairs Telecom Policy Specialist Ashley Heineman in a blog post. “As IPv4 addresses become more scarce, companies and other organizations that have yet to transition to IPv6 may find it difficult to expand their Internet presence.” NTIA said in a Federal Register notice it's particularly interested in feedback from firms that have adopted IPv6 on the “benefits, costs and challenges they have experienced, as well as any insight into additional incentives that could aid future adoption, implementation, and support of IPv6.” The Department of Commerce intends to use the comments to “inform” its work to promote IPv6, including a planned IPv6 best practices forum set to be held during the Internet Governance Forum's December meeting in Guadalajara, Mexico, NTIA said. Comments are due Oct. 3.

“The manufacturing sector is rapidly embracing the use of the Internet of Things to improve efficiency in production,” said House Communications Subcommittee Vice Chairman Bob Latta, R-Ohio, during a roundtable talk Wednesday hosted by the National Association of Manufacturers and Owens-Illinois. Latta, co-chairman of the House’s IoT working group, said in a statement that the "discussion provided important insights into how different companies are incorporating this technology into their manufacturing process. As machinery and devices continue to become more interconnected, it’s important that federal policy encourages innovation and growth, while protecting privacy and security.” Latta is eyeing "a leadership position" on the Commerce Committee for next Congress, which could be decided after the November elections (see 1607220053).

NTIA plans a workshop Sept. 1 on potential IoT benefits and challenges and the government's role in possibly helping advance those technologies. In a notice to be published in Thursday's Federal Register, the agency said it will post on its website a detailed agenda on the workshop, with several panels and speakers. The workshop, open to the public and scheduled for 9 a.m.-3 p.m., will provide input to the Department of Commerce's upcoming IoT green paper, the notice said. The meeting will be at the Patent and Trademark Office, 600 Dulany St., Alexandria, Virginia. In a blog post last week, Angela Simpson, NTIA deputy assistant secretary-communications and information, said (see 1608020060) the agency also is planning to launch a new multistakeholder process to help consumers better understand IoT products that support security upgrades -- building on a June request for comments on IoT benefits and challenges and one last year on cybersecurity.

Sens. Ed Markey, D-Mass., and Richard Blumenthal, D-Conn., pressed FCC Chairman Tom Wheeler on “consumers’ safety and privacy as car manufacturers deploy vehicle-2-vehicle and vehicle-2-infrastructure communications technologies in their automobiles,” in a letter dated Thursday. They said the IoT also could be called the “Internet of Threats” without appropriate measures in place. “Ensure that DSRC [dedicated short-range communications] spectrum is only used for vehicle safety and not commercial applications that may make vehicles more vulnerable to safety, cyber, and privacy threats,” they told the FCC among a list of items. “Mandate that automakers, commercial entities, and anyone else licensed to use DSRC spectrum submit privacy and cybersecurity plans to the FCC.” These entities also should “periodically” update their privacy and security plans, the senators recommended. The FCC should require “DSRC spectrum users to notify appropriate law enforcement, government agencies, and consumers if a serious breach occurs and take appropriate steps to mitigate the harms of such a breach.” Markey and Blumenthal are “pleased” with a July 25 FCC notice seeking comment on these issues, they said.

NTIA said it’s beginning a new multistakeholder process via the Internet Policy Task Force on the cybersecurity upgradability of the IoT. The NTIA-facilitated process, which is to begin with an initial meeting in early fall, will focus on developing ways to improve consumers’ understanding of cybersecurity upgrades to IoT products, the agency said Tuesday. NTIA chose to proceed with the multistakeholder process in response to comments in both its recent IoT request for comment (see 1606020059) and the IPTF’s 2015 request for comment on cybersecurity issues (see 1506010055) that “identified security upgradability as an issue that required attention and coordination,” said Deputy Assistant Commerce Secretary-Communications and Information Angela Simpson in a blog post. She said that the process’ goal will be to “promote transparency in how patches or upgrades to IoT devices and applications are deployed. Potential outcomes could include a set of common, shared terms or definitions that could be used to standardize descriptions of security upgradability or a set of tools to better communicate security upgradability.” There are instances in the IoT space where there has been “limited consideration for supporting future security patches, even though many devices will eventually need them,” Simpson said. “Enabling a thriving market for devices that support security upgrades requires common definitions so consumers know what they are getting.” No common definitions on IoT cybersecurity upgrades currently exist “and manufacturers can struggle to effectively communicate to consumers the security features of their devices,” she said.

The Thread Group and the Open Connectivity Foundation (OCF) said Wednesday they'll work together to advance adoption of connected home products. To help the IoT realize its full potential, players including silicon, software, platform and finished-good providers have to work together to ensure OCF's application layer will be fully compatible with Thread's IPv6-based wireless mesh network layer, said the alliances in a news release. "Thread Group members identified and prioritized OCF as a strategically important application layer to run over the Thread wireless mesh network," said Thread Group President Grant Erickson. For consumers to put their faith in the connected home, their experiences must be "simple, reliable, and effortless,” said Erickson. The agreement is a step toward ensuring smart home devices work together out of the box, “regardless of their brand or function," he said. The Thread Group focuses on the networking layer and OCF sits at the application layer, but both support low-power technologies at the center of their approaches to the connected home, they said. Both technologies were designed to scale from the internet of small things to the internet of larger things, which they said is an “easier task than scaling down.” The groups are committed to providing a seamless product experience and a connected home framework that’s easy to use from setup and configuration through interaction at the application layer, they said.