FCC pitches voluntary security labeling program for IoT devices
In the wake of new requirements for US ISPs to provide nutrition-style labels regarding broadband prices and speeds, the FCC is now proposing a voluntary program focused on cybersecurity labeling for Internet of Things (IoT) devices.
The idea behind the proposal is to provide consumers with clear information about the security of their IoT devices. Qualifying products, determined in part by baseline criteria recommended by the National Institute of Standards and Technology (NIST), would bear a new shield-shaped “US Cyber Trust Mark” that consumers could refer to when making IoT purchasing decisions. That proposed logo would appear on packaging alongside a QR code that would link consumers to more info.
The mark would also “differentiate trustworthy products in the marketplace, and create incentives for manufacturers to meet higher cybersecurity standards,” the FCC reasoned in an FAQ (PDF) about the proposed program.
Like the Energy Star program
While some people might be inclined to link the new security labeling program to the FCC’s broadband labeling program, the Commission compares it to Energy Star, a program that helps consumers identify energy-efficient products and incentivizes companies to build them.
The FCC said it’s stepping in with this Notice of Proposed Rulemaking (NPRM) as IoT devices such as home security cameras, medical devices, lights, garage door openers and baby monitors continue to proliferate, and as consumer adoption of such devices expands the risk of cybercriminals launching denial-of-service attacks and other malicious acts.
“There are now so many new devices – from smart televisions and thermostats to home security cameras, baby monitors, and fitness trackers – that are connected to the internet,” FCC Chairwoman Jessica Rosenworcel said in a statement. “But this increased interconnection brings more than just convenience; it brings increased security risk.”
The FCC is seeking comment in multiple areas, including the scope of devices that should be included in the program (for example, Wi-Fi gateways), who should oversee and manage the program, how security standards might apply to different types of IoT products, how to demonstrate compliance with those standards, and how to protect against unauthorized use of the cybersecurity label.
To read the complete article, visit Light Reading.