"How Can the White House's New IoT Labels Improve Security?"

The National Security Council (NSC) of the White House is working on a project aimed at improving Internet of Things (IoT) consumer security through industry-standard labeling. If successful, the labeling system will replace existing frameworks. The IoT labeling initiative, modeled after the US Environmental Protection Agency's (EPA) Energy Star labeling program, is expected to educate and inform consumers, as well as provide manufacturers with a strong incentive to improve the security of their products. The administration intends to launch the initiative in the spring of 2023. However, the question of what these labels must address from the standpoint of cybersecurity professionals remains. IoT devices pose a unique type of security risk. Typically, consumers purchase entertaining or helpful devices with a focus on pricing, functionality, or convenience without regard for security. A toaster, security camera, smart doorbell, smart light switch, air-quality monitor, and fitness dog collar are not commonly regarded as dangerous. This perception problem is the primary obstacle for consumer IoT. By definition, all IoT devices are nonstandard microprocessor-based computers that execute software and transfer data through a network. Most "computers" are IoT devices rather than servers, laptops, or desktops. In addition, billions of devices come in various types. This combination of pervasiveness and diversity exacerbates cybersecurity challenges. Manufacturers of operating systems and application providers are attentive to new security threats and release regular updates and fixes. The new labeling should motivate IoT manufacturers to prioritize security more. This article continues to discuss the IoT labeling initiative and why consumer IoT matters to cybersecurity professionals. 

Security Intelligence reports "How Can the White House's New IoT Labels Improve Security?"