In an effort to strengthen cybersecurity protections for American consumers, the Biden-Harris administration announced on July 18, 2023,U.S. Cybertrustmark Programa new voluntary certification and labeling initiative for smart devices.
Led by Federal Communications Commission (FCC) Chairman Jessica Rosenworthel, the program aims to improve the cybersecurity of commonly used devices such as smart refrigerators, microwave ovens, televisions, air conditioning systems and fitness trackers. intended to strengthen.
The effort has already received significant support from leading electronics, appliance and consumer product manufacturers, as well as various retailers and trade associations. These include Amazon, Best Buy, Google, LG Electronics USA, Logitech and Samsung Electronics.
Under the proposed program, products that meet established cybersecurity standards will display a distinctive Shield logo to help consumers make informed decisions about the security of the devices they bring into their homes. .
For more information on smart device security, see Smart pet feeders expose personal data.
Certification criteria are set based on cybersecurity guidelines published by the National Institute of Standards and Technology (NIST), including strong default passwords, data protection, software updates, and incident detection capabilities.
The FCC will use its powers to regulate wireless communications equipment to seek public comment on the development of a voluntary cybersecurity labeling program that is expected to be operational by 2024.
To further aid transparency and competition, the FCC plans to incorporate QR codes that link to national registries of certified devices to provide consumers with specific and comparable security information.
Proactive Penetration Testing and Vulnerability Assessment
The program will also be expanded to include consumer routers, a high-risk product category, and may also include smart meters and power inverters, essential components of future smart grids.
The US State Department said it will work with allies and partners to promote international harmonization of standards and recognition of similar labeling efforts.
“This is a great initiative for the United States and will go a long way in helping consumers become more aware of devices deemed safe by the government,” said CEO William Wright. closed room security.
“One caveat to this plan, however, is the prevalence of zero-day vulnerabilities that can be discovered in devices long after they have been sold to consumers.”
According to the executive, this means that all vendors involved in the program consistently perform proactive penetration testing and vulnerability assessments on their devices, and can easily patch and update if issues are discovered. This means that it should be applicable to
“After all, as the world has experienced many times lately, what seems safe today is no guarantee that it will be safe tomorrow.”
US Cybertrust Program Announcement Comes Days After White House published the plan It was announced on July 13, 2017, toward the implementation of the National Cybersecurity Strategy.
