Français
Deutsch
Español
Italiano
Português
日本語
한국어
Русский
Lennar, Mastry Ventures make multi
Aug 20, 2023Sears kit homes: Modern prefab housing at dawn of 20th century
Aug 12, 2023Korean construction materials manufacturer coming to Georgia
Aug 02, 2023DIAMONDROCK HOSPITALITY DEBUTS THE DAGNY IN BOSTON
Jul 07, 2023Why Australia should still embrace prefab houses
Aug 10, 2023White House Unveils Cybersecurity Labeling Program for Smart Devices
Dec 13, 2023New US cyber program will label smart devices that are considered safer and less vulnerable to attacks.
By
The Biden-Harris administration today announced a new cyber initiative to label smart devices that are considered safe to use and less vulnerable to attacks.
As part of the new cybersecurity labeling program, a new ‘US Cyber Trust Mark’ shield logo will be applied to products that meet specific cybersecurity criteria.
Proposed by Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel, the program is aimed at improving the cybersecurity of smart devices, including smart consumer products and electronics, climate control systems, and more.
“As proposed, the program would leverage stakeholder-led efforts to certify and label products, based on specific cybersecurity criteria published by the National Institute of Standards and Technology (NIST) that, for example, requires unique and strong default passwords, data protection, software updates, and incident detection capabilities,” the White House announced.
At the same time, the program is meant to help consumers make informed decisions regarding the security of the products they intend to buy.
The voluntary cybersecurity labeling program, which is expected to be implemented by 2024, is already seeing support from major electronics, appliances, and consumer products makers and retailers, including Amazon, Best Buy, Cisco, Google, Infineon, LG Electronics U.S.A., Logitech, Qualcomm, Samsung Electronics, and Yale and August U.S.
The FCC, which is registering a national trademark to be applied on products, will seek public comment on implementing the program. The Cybersecurity and Infrastructure Security Agency (CISA) will support FCC in educating consumers on looking for the new logo and in encouraging retailers to prioritize labeled products.
A national registry of certified devices will be available for consumers to access via a QR code, which will allow them to learn more on the cybersecurity of these smart products. In addition, by the end of 2023, NIST will define cybersecurity requirements for consumer-grade routers.
The US Department of Energy will work with the National Labs and industry members to develop cybersecurity labeling requirements for power inverters and smart meters, while the Department of State will support the FCC in engaging with international partners for similar labeling efforts.
“This new labeling program would help provide Americans with greater assurances about the cybersecurity of the products they use and rely on in their everyday lives. It would also be beneficial for businesses, as it would help differentiate trustworthy products in the marketplace,” the US said.
Related: US Publishes Implementation Plan for National Cybersecurity Strategy
Related: US Government Provides Guidance on Software Security Guarantee Requirements
Related: US Gov Cybersecurity Apprenticeship Sprint: 190 New Programs, 7,000 People Hired
Ionut Arghire is an international correspondent for SecurityWeek.
Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.
Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.
Thinking through the good, the bad, and the ugly now is a process that affords us “the negative focus to survive, but a positive one to thrive."(Marc Solomon)
Sharing threat information and cooperating with other threat intelligence groups helps to strengthen customer safeguards and boosts the effectiveness of the cybersecurity sector overall.(Derek Manky)
Securing APIs is a noble, though complex journey. Security teams can leverage these 10 steps to help secure their APIs.(Joshua Goldfarb)
While silos pose significant dangers to an enterprise's cybersecurity posture, consolidation serves as a powerful solution to overcome these risks, offering improved visibility, efficiency, incident response capabilities, and risk management.(Matt Wilson)
The need for cyber resilience arises from the growing realization that traditional security measures are no longer enough to protect systems, data, and the network from compromise.(Torsten George)
A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...
A vulnerability affecting Dahua cameras and video recorders can be exploited by threat actors to modify a device’s system time.
An innocent-looking portable speaker can hide a hacking device that launches CAN injection attacks, which have been used to steal cars.
Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.
US National Cybersecurity Strategy pushes regulation, aggressive 'hack-back' operations.
Today’s growing attack surface is dominated by non-traditional endpoints.
Vulnerabilities in electric vehicle charging management systems can be exploited for DoS attacks and to steal energy or sensitive information.
Chinese video surveillance company Hikvision has patched a critical vulnerability in some of its wireless bridge products. The flaw can lead to remote CCTV...
The Biden-Harris administration today announced a new cyber initiative to label smart devices that are considered safe to use and less vulnerable to attacks.Related: Related:Related: