House bill would require IoT cybersecurity training for federal employees

The Office of Management and Budget would ensure the training if a new House bill becomes law.
(Getty Images)

Cybersecurity training would be required of all federal employees if a bill introduced in the House by Rep. Ro Khanna, D-Calif., on Monday becomes law.

The Internet of Things Cybersecurity Training for Federal Employees Act specifically directs the Office of Management and Budget to ensure employees understand the vulnerabilities of IoT devices.

IoT describes everyday devices that send and receive data via the internet — smart watches, home appliances and even cars. Security isn’t always built into IoT devices, and they can be hard to patch if they’re made to be disposable.

“The [bill] will ensure that our federal workforce is aware of these vulnerabilities when using IoT devices at work and at home,” Khanna said in the announcement. “This simple bill does its part in modernizing our government into the 21st century.”


Khanna’s bill is among three other big pieces of tech legislation the lawmaker is sponsoring this session.

The Measuring the Economic Impact of Broadband Act would see the Bureau of Economic Analysis study how deployment affects underserved communities and report back to Congress. And the Advancing Cybersecurity Diagnostics and Mitigation Act is a companion bill to one in the Senate that would codify the Department of Homeland Security’s signature cybersecurity program.

Khanna is also working with House Minority Leader Kevin McCarthy, R-Calif., on a bill to create an information sharing and analysis center, or ISAC, for tech companies to alert each other and government to “bad actors” using social media platforms to influence U.S. elections. Legal hurdles currently exist limiting, say, Facebook’s ability to alert Twitter or Google.

Latest Podcasts