IoT World Today: What the FCC’s Cybersecurity Labeling Program Means for Business
The Federal Communications Commission (FCC) approved a new cybersecurity labeling program for smart products earlier this week, designed to give customers greater insight into the security of devices on the market.
IoT World Today spoke to industry experts about what this new program aims to achieve and what additional steps businesses can take to maintain security standards in an age of increasing risk.
Chris Pierson, CEO, BlackCloak
Publishing a trust program for IoT devices/manufacturers to provide information on the cybersecurity protections is a positive step if the requirements are robust, consumers are educated on what the options mean, the risk options are robust and specific and consumers actually choose to review the data.
As the program is voluntary, its usefulness will depend on user education about the trust seals, what they mean, what the choices mean and how to make buying decisions based on the data.
Given that many IoT devices are purchased online, the awareness and efficacy of the trust seals may lag behind other programs launched to enable better consumer awareness around differences in products (e.g. Energy Star ratings on large appliances).
While the program focuses on cybersecurity by reporting on whether the devices are automated patched and the length of support for the device, there is little mention of the collection, use
and onward use (or sale) of the data that might be collected by IoT devices. This is a pretty big hole to not include both cybersecurity and privacy awareness in the trust seal initiative.