Likely the most significant IoT security law to date, the bipartisan IoT Cybersecurity Improvement Act of 2020 was signed into law on December 4, 2020, and companies that sell to the government, directly or indirectly, will need to comply with its standards to qualify to do business with executive agencies. We review the key provisions of the IoT Act, its impact on the private sector and what companies can do now to be ready for compliance. See “How to Address Intensifying Enterprise IoT Security Risks” (Oct. 14, 2020).