Many relevant goals of the IoT Cybersecurity Improvement Act of 2020 [1] have already been implemented. Executive Order E.O. 14028 of May 12, 2021 "Improving the Nation's Cybersecurity" is substantially similar in requirements. NIST in particular got called out for work and already implemented "IoT Cybersecurity Guidance" [2]. Mostly part of "Trustworthy Network of Things". [3] Also [4].
I wish we had a longer form discussion framework, as I'd be curious to
know what USians think of how this is going - but anyway thanks very
much for those useful links on how it's working stateside.
Either replying here works, or profile has a fairly simple to solve contact if you really want to ask me those questions.
Tend to fairly regularly check comments from at least the last week to see if anybody responded.
Notably, while following the situation, and knowing a bit about the IoT world, not deeply involved in microcontrollers or IoT design. Mostly aerospace personally. Some experience with Wifi and Bluetooth development for Windows and Android, with a bit of Arduino, yet that's the perspective for discussion / questions.
Can refer you to a few NIST folks and some NIST mailing lists.
[1] (Public Law No: 116-207), https://www.congress.gov/bill/116th-congress/house-bill/1668
[2] NIST, IoT Guidance and Catalog, https://csrc.nist.gov/News/2021/updates-to-iot-cybersecurity...
[3] Trustworthy Network of Things, https://www.nist.gov/programs-projects/trustworthy-networks-...
[4] IoT Cybersecurity, https://www.nist.gov/itl/applied-cybersecurity/nist-cybersec...