The Biden administration on Tuesday unveiled plans to introduce labels to help consumers identify internet-connected devices and other electronic products that meet high cybersecurity standards.
The Cyber Trust program, announced by Federal Communications Commission (FCC) chairwoman Jessica Rosenworcel, is expected to be rolled out in 2024. Much like ENERGY STAR labels indicate energy efficiency, the cybersecurity certification labels would indicate the safety level of smart devices like refrigerators, microwaves, TVs, and fitness trackers.
In a statement, the White House said the program would “raise the bar for cybersecurity across common devices.”
“The goal of the program is to provide tools for consumers to make informed decisions about the relative security of products they choose to bring into their homes,” the White House explained.
Several top electronic brands have already pledged support for the voluntary program, including Amazon, Google, LG Electronics, Samsung, and Best Buy. Presumably, many others will join the program soon.
NIST Guidelines Focus on Product Security
Manufacturers will have to meet a set of requirements put forth by the National Institute of Standards and Technology (NIST) to receive a Cyber Trust label. The NIST’s requirements are tailored to the specific needs of home users.
Among other things, the NIST requires products to have unique device identification, access controls, encrypted data transmission, and software update mechanisms. Manufacturers must also maintain security documentation, have vulnerability management processes, and keep consumers informed of issues, according to the NIST report.
The FCC, which will be in charge of compliance, said it will seek public feedback as the program develops. The goal is to guide buyers toward more secure options and encourage retailers to prioritize labeled products.
New Security Standards
The White House had announced plans to create security labels for IoT devices back in October 2022 as part of President Joe Biden’s National Security Strategy.
The Cyber Trust labels will help to differentiate secure devices and drive accountability through continued security updates. The cybersecurity ratings will appear on the boxes of devices and on devices as a physical or digital mark so consumers can identify compliant products.
With billions of IoT devices set to be in use in the coming years, and high-profile vulnerabilities illustrating the dangers of insecure devices, experts argue that more rigorous standards and labeling are essential to steer consumers towards safer, more cyber-resilient products, especially as IoT devices provide a wide attack surface.
While we wait for the Cyber Trust label to be rolled out, you can take matters into your own hands and protect your data with a virtual private network (VPN). We’ve tested dozens of VPNs. You’ll find our top picks in our article on the best VPNs for security.
Follow us on Twitter, Threads, and Mastodon for more news!
