The Biden-Harris Administration has announced that it is working on a new cybersecurity certification and labeling program to help Americans more easily choose smart devices that are safer and less vulnerable to cyberattacks. “U.S. Cyber Trust Mark,” as the program is called, will incorporate a distinct shield logo that is applied to products meeting established cybersecurity criteria. The program isn’t expected to launch until 2024, but Amazon, Best Buy, Google, Logitech, and other manufacturers/retailers have already pledged their support.
Further Measures Complementing U.S. Cyber Trust Mark
- The FCC intends the use a QR code linking to a national registry of certified devices to provide consumers with specific and comparable security information about these smart products. Working with other regulators and the U.S. Department of Justice, the Commission plans to establish oversight and enforcement safeguards to maintain trust and confidence in the program.
- NIST will also immediately undertake an effort to define cybersecurity requirements for consumer-grade routers—a higher-risk type of product that, if compromised, can be used to eavesdrop, steal passwords, and attack other devices and high value networks. NIST will complete this work by the end of 2023, to permit the Commission to consider use of these requirements to expand the labeling program to cover consumer grade routers.
- The U.S. Department of Energy today also announced a collaborative initiative with National Labs and industry partners to research and develop cybersecurity labeling requirements for smart meters and power inverters, both essential components of the clean, smart grid of the future.
- Internationally, the U.S. Department of State is committed to supporting the FCC to engage allies and partners toward harmonizing standards and pursuing mutual recognition of similar labeling efforts.