White House unveils "US Cyber Trust Mark" to help determine if your devices are secure

An American flag flying outside the US Capitol building against a blue sky

(Image credit: Getty Images)

The US Government is introducing a "Cyber Trust Mark" for consumer devices
Devices will have to meet criteria set by the NIST
This aims to build consumer trust in internet connected products

The White House has announced the ‘U.S. Cyber Trust Mark’, a labeling initiative looking to build trust in the consumer device market.

The Mark will act as an indicator that the product being sold has met the National Institute of Standards and Technology (NIST) cybersecurity criteria.

As ‘smart’ wireless internet connected devices have entered more homes across the country, so has the security risk that comes with hackable tech. Appliances and tech like home security systems, smart speakers, and internet connected kitchen or cleaning devices all present cybersecurity risks if compromised by threat actors.

A mark of confidence

After passing a bipartisan vote to authorize the program and trademark the shield logo that will be applied to products which fit the criteria, the FCC gave conditional approval to 11 companies as ‘Cybersecurity Label Administrators’, including Intertek Testing Services NA, and ioXt Alliance.

The criteria for the NIST standards includes strong default passwords, patching, data protection frameworks, and cyber incident detections. Firms like Best Buy and Amazon have expressed their support for the program, highlighting the opportunity to build consumer trust.

Not everyone is so enthusiastic about the initiative, with some concerned about the lack of rigorous testing for vendors, and pointing out that the mark does not include binding security requirements for vendors.

Whilst most agree the program is a step in the right direction, many of the security requirements are merely suggestions, as the entire program is voluntary. This may lead to inconsistency between vendors, and makes it unclear which companies are actually working to secure their devices.

Customers will scan a QR code on products with the safety mark to access information from an IoT registry, which is more convoluted than, for example, the FCC safety mark which one can assume is safe with a reasonable assurance.

Take a look at our pick of the best malware removal software around
How cybersecurity jargon creates barriers and wastes resources
Check out our choices for best antivirus software

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.