The White House’s National Security Council (NSC) is working on an ambitious project to improve consumer Internet of Things (IoT) security through industry-standard labeling. If successful, the labeling system will replace existing frameworks across the globe.
Modeled after the EPA’s Energy Star labeling program, the IoT labeling initiative should have two effects: to educate and inform consumers, and to provide a strong incentive to manufacturers to make their products more secure.
The government wants the program to roll out in the Spring of 2023. But what must these labels address from the perspective of cybersecurity specialists?
Why Consumer IoT Matters to Cybersecurity Professionals
IoT devices represent a special kind of security threat. Consumers buy fun or useful gadgets with a focus on the price, features or convenience, often without considering security. After all, how threatening could a toaster, security camera, smart doorbell, smart light switch, air-quality monitor or fitness dog collar really be?
This perception issue is the main problem with consumer IoT. A “smart light bulb” sounds innocent. But all IoT devices are, by definition, nonstandard microprocessor-based computers that run software and send data over a network.
In fact, the majority of “computers” in the world are IoT devices rather than servers, laptops or desktops. Billions of devices come in thousands of types. This combination of ubiquity and variety causes even more issues for cybersecurity.
Operating systems manufacturers and application vendors stay vigilant for new security threats and issue regular patches and updates. But is the maker of smart home smoke detectors performing those tasks? The new labels should light a fire to get ..
Support the originator by clicking the read the rest link below.
