As products connected to the Internet-of-Things (IoT), from kitchen appliances to cars, become increasingly common across the country, cybersecurity concerns have proliferated. A recent event at the White House brought together leaders in the public and private sectors to advance a cybersecurity labeling program for IoT devices.
The national labeling program would increase security across household IoT devices with the use of easily recognized labels (similar to “EnergyStar” labels) that help consumers to make more informed cybersecurity choices. The initiative follows President Biden’s Executive Order on Improving the Nation’s Cybersecurity, which prompts the National Institute of Standards and Technology (NIST) and the Federal Trade Commission (FTC) to advance improved cybersecurity standards and related standardized product labels.
Dialogue at the White House event centered on how to best implement a national cybersecurity labeling program and generate a globally recognized label, as well as how to drive improved security standards for Internet-enabled devices.
American National Standards Institute (ANSI) vice president, government relations and public policy Mary Saunders participated as a discussant, sharing her expertise on the role of government for global acceptance of IoT security labels. Saunders spoke on steps that the U.S. government can take to support adoption of IoT security labels, implementation of best practices, and international recognition and acceptance of security labels.
“The meeting was a great example of the value of the public-private partnership in standardization,” said Saunders. “It highlighted the commitment of a broad range of stakeholders to identify robust standards and conformity assessment practices that can underpin a flexible approach to a successful labeling program. ANSI looks forward to continued public-private sector collaboration in this area.”
Additional discussions at the event addressed harnessing market forces to accelerate the development of the program; incentivizing the ability of manufacturers and retailers to incorporate cybersecurity functionality; harmonizing international labeling programs to reduce barriers to trade; and identifying the oversight and regulatory mechanisms necessary to support IoT security baselines.
ANSI and other participants in the event will continue to work with the U.S. government in the coming months to further this initiative. The White House has announced a targeted roll out for the cybersecurity labeling program in spring 2023.