The Government Accountability Office has urged the Defense Department to evaluate security policies and guidance related to internet of things devices, then identify areas that require new policies or updated guidance.
GAO said Thursday DoD has conducted infrastructure-related and intelligence assessments to examine security risks posed by IoT tools but the department has yet to evaluate the security of IoT device operations.
The congressional watchdog found that DoD policies and guidance do not adequately address certain IoT platforms, including smart televisions in unsecure areas and IoT device applications.
GAO added that DoD policies and guidance on cyber, operations, information and physical security do not cover IoT devices.
The department has yet to establish policy that would require its components to implement existing security measures on industrial control systems, including IoT tools, the GAO report noted.
GAO recommended DoD to administer operations security surveys to identify IoT security risks, or use other risk assessment methods.