Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity Labeling for Consumer IoT and Software: Executive Order Update and Discussion

Cybersecurity Labeling for Consumer IoT and Software

Event Description

This workshop will provide an update on NIST’s activities related to cybersecurity labeling for consumer Internet of Things (IoT) products and consumer software. NIST speakers will review the status of the draft criteria for consumer software labeling, summarize feedback received on the draft baseline security requirements for consumer IoT and solicit feedback on a discussion paper on consumer IoT product labeling. Time will be available for workshop participants to comment and ask questions online.

Advance registration for the no-fee workshop is required. Participants can submit questions online during the sessions and a recording of the workshop is expected to be available after the event.

Additional background:

In May of 2021, Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity,” charged NIST with undertaking efforts which would encourage voluntary cybersecurity labeling programs. NIST is currently identifying key elements of labeling programs in terms of minimum requirements and desirable attributes (rather than establishing its own programs). NIST will specify desired outcomes, allowing providers and customers to choose best solutions for their devices and environments. One size may not fit all—and multiple solutions might be offered by label providers.

Now available online: 

NIST has published a new discussion draft on Consumer Cybersecurity Labelling for IoT Products: Discussion Draft on the Path Forward (View the Discussion Draft). 

   

Agenda 

Cybersecurity Labeling for Consumer IoT and Software: Executive Order Update and Discussion

11:00 - 3:00 PM Eastern Time (UTC-5)
11:00 AM - 11:15AM Introductions  
11:15AM - 11:30AM Update on Draft Baseline Criteria for Consumer Software Cybersecurity Labeling: Technical Criteria, Conformity Assessment, and Labeling  
11:30AM -11:45AM Q & A on consumer software labeling criteria  

Presentations and Q & A on Consumer IoT Cybersecurity Labeling: Technical Criteria, Conformity Assessment, and Labeling

11:45AM - 12:30PM

Update on draft technical criteria for consumer IoT labeling

  • Summary of comments received on Draft Baseline Security Criteria for Consumer IoT
  • Overview of technical criteria in draft discussion paper (to be released) on Consumer IoT
  • Q & A on IoT technical criteria
 
12:30PM - 1:15PM Break
1:15PM - 1:45PM Update and Q&A on conformity assessment criteria in draft discussion paper on consumer IoT labeling  
1:45PM - 2:15PM

Update and Q&A on labeling criteria in draft discussion paper on consumer IoT labeling

 
2:15PM - 2:45PM Facilitated Q & A with all presenters
2:45PM - 3:00PM Wrap-Up  
Created November 10, 2021, Updated December 6, 2021