Federal and state government panelists at a workshop Thursday said NIST’s cybersecurity framework is a good approach government can take to develop standards for the IoT.
It isn’t easy to figure out what exactly the government should do to get ahead of the rapidly growing Internet of Things.
But panelists ranging from major technology company executives to federal government officials and one state CIO in a workshop Thursday hosted by the Commerce Department tried to hammer out exactly that: How much or what the government should regulate around the IoT, and what other roles government can play in the growing technology?
“We look at the government’s role from three aspects, it’s not just about policy and legislation,” Illinois CIO Hardik Bhatt said to the mostly federal-focused workshop.
Bhatt talked about how his state views its role in the developing Internet of Things in three ways: Serving as a customer for the Internet of Things, enabling or facilitating development and commercialization of Internet of Things-related technologies, and expanding Internet of Things adoption to smaller cities within the state.
“The first and very active role of government is government as a customer,” Bhatt said. “And we need to start getting our act together as government to start being the role model of how the Internet of Things technology can be used.”
As part of that role, he urged all levels of government and disparate agencies in governments to avoid working in silos and collaborate together to better adopt the technology.
“We all know how government technology is, and it has been like this because we have always worked in silos within the government, and whether it’s breaches that are happening right now, it’s all how we started building technology many years ago,” Bhatt said. “And IoT is going to in fact accelerate those issues or in fact make them more transparent if the governments continue to work in their silos.”
To escape the silo problem, the state of Illinois launched an Internet of Things Center of Excellence for 11 agencies to collaborate on implementing IoT technology, Bhatt explained.
Information Technology Industry Council President and CEO Dean Garfield emphasized the point of the government as a customer, saying it has a “critical role as a leader in purchasing and using these technologies.”
“There is the opportunity for the United States government to be a leader in the deployment of these technologies and just using them and integrating them into their own fleet,” Garfield said.
Panelists also said the government should avoid heavy regulation — particularly early on — to avoid stifling innovation as the technology develops.
For example, panelists discussed whether standards are needed for better interoperability. John Godfrey, senior vice president for public policy at Samsung Electronics America, called it “a mistake” for the government to regulate or pick a standard to speed up interoperability efforts.
“That very likely will lead to rigidity getting in the way of innovation not reaching the right final answer,” Godfrey said. “It’s worth taking the time to allow the public and private sector collaboration to find the right interoperability standards, whether it’s for IoT, or any of the vertical applications within the IoT space or the internet.”
Samsung is part of the Open Connectivity Foundation, an effort to increase interoperability.
But Hilary Cain, director of technology and innovation policy at Toyota, said interoperability standards would be important for connected objects someone would own for a very long time — like a car.
“This ‘The market will work and we’ll figure this all out’ isn’t really a great proposition for a company like Toyota who wants to sell a vehicle that you’re going to be really ticked off if that thing only works on half of the Internet of Things and not the other half,” Cain said. “…Or that doesn’t work two years down the line.”
She added: “It’s not your phone, it’s not something you replace every year or two.”
Those concerns could be addressed through bridges, interfaces or adapters, Godfrey explained.
“So you could have a Ford car talking one standard, a Toyota car talking another standard and some cloud service or some device that simply translates between the two,” Godfrey said. “It’s not that you pick a standard and you’re stuck with that for, you know, for 12 years and can never interoperate with anything else.”
Panelists throughout the day pointed to the National Institute of Technology’s approach of developing standards around cybersecurity as a model for the government to collaborate on standards or best practices for IoT.
“While standards are critical and should be advanced, I think the approach that’s taken here of making sure that they’re consensus-based, driven by the private sector and driven by global practices rather than unique island approach driven by particular nations, is critical,” Garfield said.
That process involves collaboration with industry, another thing many panelists noted as a key to successful standards.
Rather than regulating first, government should step back and spend time understanding the issue with people developing the technology, said Leonard Cali, senior vice president for global public policy at AT&T.
“There will be questions with IoT that are tougher than questions that came before,” Cali said. “But rather than regulate first, what we should be doing is stepping back… Understand these things, figure out the right way to deal with them.”
Beyond regulations or developing standards, Bhatt said Illinois is acting as an enabler or facilitator by having an an incentive structure to promote innovation and entrepreneurship, particularly in IoT.
“I think what we have heard since the morning is that government should facilitate until it knows what to regulate and how to regulate,” he said. “But there’s a lot that the government can do before they start regulating.”
Contact Samantha via email at [email protected], or follow her on Twitter at @samehlinger.