Jul 19 – In the U.S., government officials have launched a much-awaited Internet of Things (IoT) cyber security labeling program, which is intended to protect Americans from the security and data privacy risks associated with internet-connected devices.
Named “U.S. Cyber Trust Mark,” the program aims to help Americans ensure that they purchase IoT devices that have strong cyber security protocols and protections in-place.
The program is voluntary, and inspired by the Energy Star labeling system. Officials hope that the program will ‘raise the bar’ for IoT security.
U.S. Cyber Trust Mark
The U.S. Cyber Trust Mark itself will look like a shield-shaped logo. The logo is intended to appear on products that meet established cyber security criteria.
The criterion were established by the National Institute of Standards and Technology (NIST) and will require, for example, that devices protect both stored and transmitted data, provide regular security updates and retain incident detection capabilities. The full list of standards has yet to be finalized.
Unlike logos of yesteryear, the Cyber Trust Mark will not only look like a sticker, but it will also have a QR code embedded within it. The QR code will link to a national registry of certified devices and provide up-to-date security information (software updating policies, data encryption standards…etc.).
Prioritizing labeled products
Retailers that are based in the U.S. will be encouraged to prioritize labeled products when placing them on shelves or when listing them online. Big businesses that have already agreed to comply include Best Buy, Amazon, Cisco, Google, LG, Qualcomm and Samsung.
In the early stages of this new IoT initiative, officials will focus on high-risk consumer devices. As the initiative moves forward, the U.S. Department of Energy expects to develop cyber security labeling requirements for smart meters and power inverters.