Cybersecurity Labeling System Coming to IoT Devices in 2023

The Biden administration is implementing a cybersecurity labeling program designed to protect consumers using Internet of Things devices from “significant national security risks.” Beginning in the spring of 2023, IoT smart hardware will begin carrying a “label for products that meet U.S. government standards and are tested by vetted and approved entities,” according to the White House. The program will start with high-risk devices like routers and cameras. To jump-start the initiative, the White House hosted an IoT Cybersecurity Summit attended by national security officials, hardware manufacturers and representatives from consumer product associations.

Senator Angus King (I-Maine) provided opening remarks for an audience that included representatives from Amazon, Cisco, Comcast, Google, Intel, LG, Samsung and Sony. National Security Council deputy advisor for cyber and emerging technology Anne Neuberger, FCC chairwoman Jessica Rosenworcel and National Cyber Director Chris Inglis were also present.

“It’s no secret that IoT devices generally have weak postures,” writes TechCrunch, noting “weak default passwords have allowed botnet operators to hijack insecure routers to pummel victims with floods of Internet traffic, knocking entire websites and networks offline,” while “other malicious hackers target IoT devices as a way to get a foot into a victim’s network, allowing them to launch attacks or plant malware from the inside.”

The program is designed to “incentivize manufacturers to meet higher cybersecurity standards and retailers to market secure devices,” from baby monitors to kitchen appliances, according to a statement by National Security Council spokeswoman Adrienne Watson.

The initiative is being described as “an Energy Star for cyber,” and build on cybersecurity standards developed by the National Institute of Standards and Technology and the Federal Trade Commission, Watson said.

While the specifics of the program have yet to be detailed, the administration says it plans to “keep things simple,” with a barcode that can be scanned on a smartphone. “The scanned barcode will link to information based on standards, such as software updating policies, data encryption and vulnerability remediation,” TechCrunch reports.

The labeling initiative is part of a comprehensive approach to taking steps to “lock our digital doors,” says the White House, which earlier this month unveiled steps for the secure IoT devices that are part of the nation’s critical infrastructure.

In May 2021, President Biden issued an executive order on improving the nation’s cybersecurity. In 2020, the IoT Cybersecurity Improvement Act became law, dealing with “the federal government’s use of IoT devices,” which “though perhaps less visible than consumer adoption of IoT devices, is increasing,” according to The National Law Review.

Last year, the UK Parliament introduced an IoT security bill that would require device manufacturers, importers, and distributors to comply with cybersecurity standards.

No Comments Yet

You can be the first to comment!

Sorry, comments for this entry are closed at this time.