The US Security Standard For IoT Devices

The US government has launched its long-awaited Internet of Things (IoT) cyber security labelling program with the aim of protecting people the security risks associated with Internet-connected devices. Now, the US Federal Communications Commission (FCC) has released a cyber security labelling program to improve users security of the IoT.

“These smart devices or products might include home office routers, digital personal assistants, home security systems, voice-activated shopping, Internet-connected appliances, fitness trackers, GPS trackers, medical devices, garage door openers, and baby monitors,” the FCC has said in a press release.

The aim is to “To provide consumers with the peace of mind that the technology being brought into their homes is reasonably secure, and to help guard against risks to communications,” says the US Government Federal Register.

The FCC says the program will be similar to the Energy Star program, which helps users identify energy-efficient appliances, and promote more cyber secure smart devices.

The enormously growing numbers of smart products already connected to networks bring enormous security challenges.

IoT devices are susceptible to a wide range of vulnerabilities, such as default passwords, a lack of regular security updates, weak encryption, and insecure authentication. Furthermore, since IoT devices are often installed in public spaces or remote locations, their physical security may also be compromised, vulnerable to theft, tampering, vandalism, or unauthorised access.

FCC Chairwoman Jessica Rosenworcel contends that while beneficial, increased interconnection also brings increased security risk, saying: “Smart devices make our lives easier and more efficient…But increased interconnection also brings increased security and privacy risks”

“After all, every device connected to the Internet is a point of entry for the kind of cyber attacks that can take our personal data and compromise our safety.” she said.

These new proposals aim to assure users that the manufacturers adhere to widely accepted cyber security standards. However, there was a proposed requirement that manufacturers disclose the length of time they’ll provide security updates for their devices and whether they’ll fix known security vulnerabilities, which raises issues.

Another possible risk is increased manufacturing costs are also a risk, which might make devices more expensive, although many will agree that the FCC’s proposal is a step in the right direction, but some are still hoping for further and mandatory security requirements.

I-His:     FCC:     FCC:     FCC:     NIST:     Tech Crunch:     Federal Register              Image: Stephen Phillips

You Might Also Read:

Blockchain Is The New IoT Standard:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« China Accuses The US Of Spying On Huawei
The Rapid Rise In DNS Attacks Demands New Approaches To Cyber Defense »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ESET

ESET

ESET provide security software for enterprises and consumers - Antivirus Software, Internet Security and Virus Protection.

American International Group (AIG)

American International Group (AIG)

AIG, is an American multinational insurance corporation. Commercial services include cyber risk insurance.

SecurePay

SecurePay

SecurePay is Australia's premier payment gateway, with a range of secure online payment solutions for online retailers, SMEs and enterprise businesses.

AppViewX

AppViewX

AppViewX is a global leader in the management, automation and orchestration of network services in data centers.

NetGuardians

NetGuardians

NetGuardians is a leading Fintech company recognized for its unique approach to fraud and risk assurance solutions.

Ergon Informatik

Ergon Informatik

Ergon Informatik AG is Switzerland's leading provider of customised software solutions and software products including fraud detection and the Airlock web security suite.

Early Birds

Early Birds

Early Birds is a Business to Business (B2B) marketplace for Innovators (Startups/Scaleups) and Early Adopters to exchange value early on.

Horizon3.ai

Horizon3.ai

Horizon3.ai is a leader in security assessment and validation enabling continuous security overwatch from an attacker’s perspective through our NodeZero SaaS solution.

World Cyber Security Summit

World Cyber Security Summit

World Cyber Security Summit, by Trescon, is a thought-leadership driven platform for CISOs who are looking to explore new-age threats and the technologies/strategies that can help mitigate them.

AWARE7

AWARE7

IT security for human and machine. With the help of our products and services, we work with you to increase the IT security level of your organization.

Minorities in Cybersecurity (MiC)

Minorities in Cybersecurity (MiC)

MiC was developed out of a unique passion to help fill the gap that exists in the support and development of women and minority leaders in the cybersecurity field.

Indevtech

Indevtech

Indevtech has been serving Hawaii since 2001, providing end-to-end managed IT services to small- and medium-businesses.

ThreatER

ThreatER

ThreateER (formerly ThreatBlockr / Bandura Cyber) is a cybersecurity platform that provides active network defense by automating the discovery, enforcement, and analysis of cyber threats at scale.

Irys Technologies

Irys Technologies

Irys Technologies specialize in pioneering digital transformation solutions designed to streamline communications and enhance maintenance and operational efficiency for a variety of sectors.

Onum

Onum

Onum helps security and IT leaders focus on the data that's most important. Gain control of your data by cutting through the noise for deep insights in real time.

Price Forbes

Price Forbes

Building on more than 100 years of specialist insurance broking, Price Forbes partner with clients around the world who are looking to understand and balance today’s risk and plan for the future.