Search Icon White
cyber nist news

NIST Seeks Public Input on Consumer Software Labeling for Cybersecurity


Comments Due by December 16, 2021

In an effort to improve consumers’ ability to make informed decisions about software they purchase, NIST has drafted a set of cybersecurity criteria for consumer software. The criteria are intended to aid in the development and voluntary use of labels to indicate that the software incorporates a baseline level of security measures.

The document, Draft Baseline Criteria for Consumer Software Cybersecurity Labeling, forms part of NIST’s response to the May 12, 2021Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity. The EO specifies that NIST “shall identify secure software development practices or criteria for a consumer software labeling program” — criteria that reflect a baseline level of cybersecurity and that focus on ease of use for consumers.

Comments on the draft document are due by December 16, 2021, and can be emailed to [email protected]. Please submit comments along with the submitter’s name and organization, and use the subject “Draft Consumer Software Labeling Criteria." All comments will be published on the project's website.


See related news

Feedback Sought: NIST Issues Second Draft of Cybersecurity Supply Chain Risk Management Practices

Every Click Counts: Are You Doing Your Part To Be Cyber Smart?


Jana Zabinski

Senior Director, Communications & Public Relations


[email protected]

Beth Goodbaum

Journalist/Communications Specialist


[email protected]