FEMA Working With CISA to Improve IoT Device Security

The Cybersecurity and Infrastructure Security Agency is working to ensure that the Federal Emergency Management Agency‘s internet of things devices and systems are secure.

James Rodd, the cloud portfolio manager at FEMA, said during the ATARC 2022 Emerging Technology Summit that the agency is continuously working with CISA to develop best practices and a security framework for IoT systems. According to Rodd, FEMA does not want to be affected by a cyber breach that would prevent it from performing its duties.

The FEMA official also suggested that CISA has provided effective guidance and security measures to ensure that devices are updated and that vulnerabilities are resolved, FCW reported Tuesday.

Rodd said other agencies are also helping FEMA shape its IoT device cybersecurity practices. One of the guidance that the manager said was helping the agency is the National Institute of Standards and Technology’s Special Publication 800-213, which focuses on IoT devices.

He also mentioned that FEMA’s cloud architecture is still new and immature in its governance framework.

CISA released various guidance, materials and tips to help government agencies secure their IoT devices. It is also launching various initiatives to encourage organizations to strengthen their cybersecurity posture and offer various cybersecurity services such as vulnerability scanning.