Nigeria’s Federal Communications Commission (FCC) proposes a voluntary Cyber Trust Mark program to introduce cybersecurity labels for IoT devices and other consumer products. This program aims to help consumers identify and select products that meet specific cybersecurity criteria, reducing the risk of cyber attacks.
Participating companies can display a distinctive shield logo on their products that adhere to cybersecurity standards, such as strong default passwords, data protection, software updates, and incident detection capabilities outlined by the National Institute of Standards and Technology (NIST). The proposal includes plans for QR codes, enabling consumers to access a national registry of certified devices for easy comparison of security information. The FCC plans to seek public feedback on the program’s rollout, expected in 2024.
In the initial phase, the focus of the cybersecurity labeling program will be on consumer devices like smart refrigerators, TVs, and fitness trackers.
Subsequently, the program will address consumer-grade routers, which are considered to be at higher risk. Compromised routers could enable attackers to steal sensitive information, eavesdrop on communications, and launch attacks on other devices and valuable networks.
NIST is responsible for establishing the cybersecurity requirements these routers must meet to qualify as cybersecure under the labeling program. The FCC will consider NIST’s recommendations but has not committed to adopting them outright.
In another stage of the program, attention will be directed towards ensuring the security of devices used in clean energy smart grids. The Department of Energy, National Labs, and industry partners will collaborate on researching and developing the necessary cybersecurity labeling requirements for smart meters and power inverters used in such energy grids.
The White House announced a new labeling program aimed at providing Americans with greater confidence in the cybersecurity of everyday products, such as smart devices. The initiative will also help businesses distinguish trustworthy products in the market.
As part of the Biden administration’s broader cybersecurity strategy, the National Cybersecurity Strategy Implementation Plan outlined specific goals, including the establishment of a U.S. government IoT security labeling program, to be led by a designated agency by Q4 of fiscal year 2023. Although the Cyber Trust Mark program is voluntary, companies like Amazon, Best Buy, Google, LG Electronics, Logitech, and Samsung Electronics have already pledged to enhance their products’ cybersecurity and expressed support for the initiative.