Biden Administration Unveils Cyber Trust Program to Enhance Smart Device Security

In a joint effort, the Biden administration and major consumer technology players have unveiled a nationwide cybersecurity certification and labeling program aimed at assisting consumers in selecting smart devices that are less susceptible to hacking. Dubbed the U.S. Cyber Trust Mark initiative, the program will be overseen by the Federal Communications Commission (FCC), with industry participation being voluntary.

The initiative, likened to the Energy Star program for rating appliance energy efficiency, aims to provide Americans with a reliable means of identifying cybersecure internet- and Bluetooth-connected devices. Deputy national security adviser Anne Neuberger highlighted the significance of the program, stating that it would instill confidence in consumers.

Industry giants such as Amazon, Best Buy, Google, LG Electronics USA, Logitech, and Samsung are among the participants, with plans to introduce the "Cyber Trust" label — a shield logo — on devices that meet the government's cybersecurity requirements as early as next year. FCC Chairwoman Jessica Rosenworcel emphasized that the mark would offer peace of mind to consumers and benefit manufacturers who adhere to the National Institute of Standards and Technology's criteria.

The FCC has initiated a rule-making process to establish the program's standards and is seeking public feedback. Additionally, certified devices will feature QR codes that users can scan to access updated security information. The Consumer Technology Association expects to showcase certification-ready products at CES 2024, the industry's annual January event, once the FCC finalizes the rules. A senior Biden administration official noted that products qualifying for the label would require annual re-certification. 

While the White House's proposal has garnered support from industry experts, Justin Brookman, the director of technology policy at Consumer Reports, cautioned that effective adoption would require further efforts. He expressed hope that the labeling initiative would foster healthy competition among manufacturers, compelling them to prioritize consumer security and privacy while committing to long-term support for their connected devices.

The Cyber Trust initiative, which was initially announced in October after a meeting between White House officials and tech industry representatives, comes in response to the surge in cybercrime, where a single vulnerable device can serve as a gateway for cyberintruders to gain access to an entire home network.

Cyber experts reacted to the effort to provide more transparency to users about the security of their IoT products:

Christine Gadsby, VP of Product Security, BlackBerry

"Smart thermostats, wireless security cameras, and digital doorbells come with promises of greater savings, safety, or convenience. But they can also serve as back doors for hackers looking to get into your home network. While these next-generation devices promise to make our homes “smarter”, they’re not necessarily more cyber secure. Our homes are our havens, and our smart devices are supposed to bring us peace of mind. Without understanding the level of cybersecurity baked into these products, we may unintentionally allow strangers to shatter our sense of security and violate the sanctity of our homes. So it’s no surprise four in five consumers surveyed by BlackBerry believe the rollout of a cybersecurity labeling system would make them feel safer and more informed when using Internet-connected devices, and two-thirds would be prepared to pay more for products with higher rankings. At the end of the day, we need to protect what matters the most: our families. This starts with realizing that security should be a requirement and shouldn’t be an optional add-on — or worse, not thought of at all when it comes to the devices we buy. It’s a right."

Read the full article and learn more about the program here.

Related Reading

• Securing Next-Generation Medical Devices with BlackBerry Embedded Software
• Five Steps to Zero Trust Network Access: Identifying Your Applications
• Vulnerable Software Supply Chains Are a Multi-Billion Dollar Problem 
• BlackBerry AGM 2023: CEO John Chen on Building Trust for Our ‘Converged’ Future (Video)