Yesterday, the White House convened leaders from the private sector, academic institutions, and the U.S. Government to advance a national cybersecurity labeling program for Internet-of-Things (IoT) devices. The Biden-Harris Administration has made it a priority to strengthen our nation’s cybersecurity, and a key part of that effort is ensuring the devices that have become a commonplace in the average American household – like baby monitors or smart home appliances – are protected from cyber threats. A labeling program to secure such devices would provide American consumers with the peace of mind that the technology being brought into their homes is safe, and incentivize manufacturers to meet higher cybersecurity standards and retailers to market secure devices.
Yesterday’s dialogue focused on how to best implement a national cybersecurity labeling program, drive improved security standards for Internet-enabled devices, and generate a globally recognized label. Government and industry leaders discussed the importance of a trusted program to increase security across consumer devices that connect to the Internet by equipping devices with easily recognized labels to help consumers make more informed cybersecurity choices (e.g., an “EnergyStar” for cyber). These conversations build on the foundational work that has been pioneered by the private sector and the National Institute of Standards and Technology (NIST) to help build more secure Internet-connected devices. It also follows President Biden’s Executive Order on Improving the Nation’s Cybersecurity, which highlighted the need for improved IoT security and tasked NIST, in partnership with the Federal Trade Commission, to advance improved cybersecurity standards and standardized product labels for these devices.
The companies and industry associations that participated in yesterday’s dialogue represent some of the world’s largest manufacturers and retailers of Internet enabled consumer products, who will work with the U.S. Government to move this initiative forward, including: Amazon, the American National Standards Institute, AT&T, Cisco Systems, Comcast, Consumer Reports, the Consumer Technology Association, the Connectivity Standards Alliance, CTIA, Google, Intel, ioXt, LG, the National Retail Federation, Samsung, Sony, and UL Solutions. Additional participants represented include: the National Security Council, the Office of the National Cyber Director, the Office of Science and Technology Policy, the National Economic Council, the Department of Commerce, the Department of Energy, the Department of Homeland Security, the Department of State, the Federal Communications Commission, the Federal Trade Commission, the Consumer Product Safety Commission, the European Commission, the Atlantic Council, Carnegie Mellon University, and R Street Institute. U.S. Senator Angus King (I-ME) provided opening remarks.
Based on yesterday’s discussions, the White House will continue to develop the national cybersecurity labeling program for a targeted rollout in the Spring of 2023.