Skip to main content
close search
site logo

White House plans IoT security labeling program for spring 2023

Major connected device manufacturers, retailers and industry groups back efforts to boost cyber awareness.

Published Oct. 21, 2022
David Jones's headshot
Reporter
Green lights show behind plugged-in cables.
gorodenkoff/iStock via Getty Images

The White House confirmed plans to launch a cybersecurity consumer labeling program for Internet of Things devices by the spring of 2023, following a Wednesday summit with some of the nation’s top device makers, retailers and industry associations.

Biden administration officials plan to implement a voluntary Energy Star-type labeling system that would give consumers information on a range of internet-connected smart devices that pose potential risks of being hacked. 

“A labeling program to secure such devices would provide American consumers with the peace of mind that the technology being brought into their homes is safe, and incentivize manufacturers to meet higher cybersecurity standards and retailers to market secure devices,” National Security Council spokesperson Adrienne Watson said in an official White House statement.

The program is part of a wider effort by the Biden administration to boost government and private sector cybersecurity standards in order to avoid disruptive attacks like the 2020 SolarWinds nation state campaign and the 2021 ransomware attack against Colonial Pipeline.

The White House previously disclosed plans to launch the program by rating home routers and cameras, which expanded plans to add additional devices. 

Connected IoT devices are used by millions of consumers, ranging from home routers to baby monitors, smart-home controllers for security and lights and smart televisions. Consumers largely know nothing about the security of the devices they purchase, and the labeling system is seen as a way to create encourage security to be flagged before they are sold on the open market. 

Google expressed support for the effort to raise security standards across the IoT industry, saying such a move would drive awareness among consumers to the security of connected devices, in a blog post. 

Google noted steps it had previously taken to boost the security of its Nest and Pixel devices, and is now extending the program to its Fitbit connected watch brand. 

Officials from the Carnegie Mellon CyLab Security and Privacy Institute presented research findings at the White House meeting that showed consumers were willing to pay a premium for connected devices when they were informed about the security and privacy implications of their purchasing decisions. 

Some of remaining questions will center around whether manufacturers would be able to self certify or require a third party and whether labels should incorporate more data privacy measures, according to the R Street Institute.

Correction: In a previous version of this article, the year of the nation state campaign against SolarWinds was misidentified. It was in 2020. 

 

Editors' picks

Company Announcements

View all | Post a press release
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in Vulnerability
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell