Embedded devices connected through the Internet or private networks can dramatically increase value to customers, operators, and to device users. But in a connected world, the device and its software can be compromised in unpredictable ways. In fact, cyber-attacks on connected devices have increased substantially over the past few years. The White House and Congress are raising the bar for IoT device security. At the same time, the SEC now requires companies to report on cybersecurity risks in their 8-K filings. How will new rules impact manufacturers of connected embedded devices? And how can they best ensure maintainable security for the life of a device?