Ensuring IoT security
White House to Meet With Businesses on Internet of Things Security Labels
The Biden-Harris administration has announced in a fact sheet that it will hold a stakeholder meeting to discuss a product labeling system meant to secure internet of things products. The proposed label would signify that an item conforms with U.S. government standards and has been tested by approved entities. The move follows a directive to establish federal standards under the IoT Cybersecurity Improvement Act enacted by former President Donald Trump, FCW reported.
In March, a National Institute of Standards and Technology official said that the institute would submit a report on a prospective labeling program to the White House in May. The official added that political incentives for private-sector participation could be in play.
Under the IoT Cybersecurity Improvement Act, NIST is required to issue security standards for government use of IoT devices. The institute released four draft documents shortly after the law’s passage in December 2020 that outline ways for agencies and manufacturers to ensure cybersecurity on such products. One publication offered guidance on the integration of an IoT device into a federal information platform and the identification of related cybersecurity requirements.
NIST is also required by the Cybersecurity Improvement Act to standardize the software vulnerability disclosure process. A set of draft recommendations have been provided by the institute that emphasizes the proper handling of vulnerability reports. The framework is intended to be applicable to federally controlled software, hardware and digital services.
Category: Cybersecurity