FCC Releases Voluntary CYBER TRUST MARK for IoT
The program allows manufacturers to put a new “U.S Cyber Trust Mark” on devices that comply with cybersecurity standards developed by the National Institute of Standards and Technology (NIST), including what the White House described last year as “unique and strong default passwords, data protection, software updates, and incident detection capabilities.”
FCC commissioners voted unanimously for it. When was the last time that happened? I can’t remember a time.
The trust mark is for wireless consumer products – like, for example, baby monitors and security cameras (and a lot more). We have heard of way too many stories of these cameras being hijacked and pedophiles watching you and your kids doing what pedophiles do. There have even been cases of them talking to the homeowner, scaring the crap out of them.
A number of retailers like Amazon and best Buy have agreed to participate.
Here is the fun part. Oversight of the program will be done by the Department of Justice with help from CISA.
The FCC is doing one smart thing. No company on the covered list (which includes a number of Chinese companies) needs to bother to apply – they will not be approved.
Whether this will gain traction is unclear, but we have to do something.
The feds would like this to become a worldwide standard.
They are still soliciting input for additions to the rules including disclosing what country the product was developed in and what country your data goes to.
The Trust Mark will include a QR code which links to a registry with more security information.
Credit: The Record and Darknet