Is your robotic vacuum or fridge a security threat? You bet they are.

Smart devices are an information and cybersecurity risk for consumers. The new US Cyber Trust Mark is a first step toward trust and confidence.

Indeed, your connected “Internet of Things” (IoT) or “Smart” devices, from robotic mowers, vacuums and pool cleaners to your smart fridge, oven, TV, cameras, streaming devices, etc., all contain software and firmware that can be hacked and used to spy on you and your data.

Here's some good news.

The U.S. government has launched the U.S. Cyber Trust Mark, a cybersecurity label for Internet-of-Things (IoT) devices aimed at improving security and transparency for consumers.

Many IoT devices are vulnerable to cyber threats. The Cyber Trust Mark will indicate products that meet strict cybersecurity standards, empowering consumers to make safer choices.

What does the Cyber Trust Mark do?

The label requires a QR code displayed on the compliant product linking to:
• Manufacturer's software update policies
• Automatic security patches
• Guidance on changing default passwords, a key threat vector for any connected device and account
• Suggestions for secure configuration

The program applies to common IoT devices like:
• Smart appliances
• Surveillance cameras and baby monitors
• Wearables like fitness trackers, etc.

The label specifically excludes medical devices, vehicles, industrial equipment, and products flagged for national security concerns.

Certification Process

Manufacturers must:
1. Meet cybersecurity standards set by NIST in its current release
2. Have their devices tested by accredited third-party labs
3. Apply through authorized administrators

Background

Initiated in 2023, the program is the result of collaboration between federal agencies and industry experts. The goal is to simplify security choices for consumers while encouraging manufacturers to prioritize robust protections.

By introducing the U.S. Cyber Trust Mark, the government aims to build trust in IoT devices, making it easier for consumers to adopt smart technology with confidence.

#GSInfoSec #NIST #InfoSec #ISMS #ISO27001 #TISAX #Automation #Robotics #Manufacturing