In the Internet of Things (IoT) sector, 2025 is shaping up to be a politically charged year. Major global jurisdictions are set to implement device security regulations, coinciding with potential tariffs, shifting production dynamics, and rising geopolitical tensions.
My advice for companies involved in manufacturing or using IoT devices? Prepare for the worst, but hope for the best.
Geopolitical tensions are impacting IoT
There’s no denying that the macro landscape is splintered. Internet infrastructure is increasingly under threat from espionage and sabotage with concerning implications for connected devices.
In November, two undersea telecommunications cables were cut in questionable circumstances, disrupting traffic. These acts raise global tensions, of course, but also highlight a critical vulnerability: cloud-dependent devices become completely inoperable when network connectivity fails. Even if a device is physically nearby and connected to a local Wi-Fi network, it’s effectively bricked without access to cloud servers.
Internet-connected devices can also be compromised for surveillance. In recent years, several governments have banned state-owned surveillance companies like Hikvision over such national security concerns. The cameras contained hard-coded admin passwords and “always-on” cloud connections and enabled facial recognition, person tracking, and gender identification – dangerous data points in the wrong hands.
These device vulnerabilities relate to broader concerns about IoT hardware being exploited for intelligence gathering. Under China’s National Intelligence Law, for example, Chinese companies must cooperate with state intelligence operations. This means Chinese-manufactured components or Chinese company-controlled elements within devices could theoretically be compelled to transmit data to authorities, a major security and privacy backdoor. Clearly, device origin should be a key consideration for consumers in the new year.
Governments are kicking into action
At the same time, and likely in response to the above, governments are introducing big legislative changes to encourage better device practices.
Europe’s Cyber Resilience Act and The United States’ Cyber Trust Mark are finally arriving to set minimum security and production thresholds. Hopefully, depending on where you live, the threat of regulatory enforcement or the promise of increased market share will encourage device makers to up their game in an industry known for security laziness.
President Trump will undoubtedly shake things up further. His campaign made promises about tariffs, including a 60% hike on Chinese goods. This would drive up semiconductor costs – the essential components powering connected devices. And his anticipated cabinet of China hawks could restrict or curtail Chinese-manufactured devices and components on US networks, creating widespread supply chain disruptions.
On top of this, producers face a double whammy if the incoming administration also follows through on killing the CHiPS Act and dumping incentives for domestic chip manufacturing. This potential combination of higher tariffs, device restrictions, and reduced manufacturing stimulus could create severe production bottlenecks and drive-up costs at home and abroad.
Prepare now for the shifting political landscape
Nothing is certain in life or connected devices. Some of these things will happen, some of them won’t, but the important thing is to be prepared.
For example, don’t put all your data eggs in one basket. If one region loses power or internet, it’s up to you to create redundancies. We do this at our company by running across five geographical locations with dual servers at each site. Each server center maintains split power and internet access configurations, providing multiple failsafes. This distributed architecture ensures service continuity even if regional infrastructure is compromised. In this direction, explore edge storage to ensure your information is stored under your lock and key closer to home.
On the other hand, device manufacturers should scrutinize their supply chains and production methods. Audit your component suppliers and assess whether potential trade restrictions or regulatory changes could impact your costs or timelines. If so, diversify manufacturing to reduce dependency on any single market. Most importantly, document your security protocols and compliance measures now. It’s far easier to demonstrate existing good practices than to implement them retroactively when regulators come knocking.
And, if you’re one of the bad apples in the crosshairs of regulations, upgrade your practices today. Troubleshooting takes time and you’ll need as much of it as you can get. Not doing so could result in loss of access to some of the world’s most lucrative markets or business-crippling fines.
