By David DiMolfetta A recently unveiled cybersecurity labeling program for smart products might be expanded in the near future to include other equipment beyond household internet appliances, Republican FCC Commissioner Nathan Simington said on Wednesday at an Information Technology Industry Council event.
The label, known as the Cyber Trust Mark, was designed initially for consumer internet of things devices to inform shoppers that applicable products meet certain government-vetted cybersecurity standards. It officially launched early this year after months of development throughout the Biden administration.
“I’m not sure if we could go for wireless first, or for industrial first, or for both,” Simington said of the potential expansion of the program, noting that a swan song Biden executive order signed in January leveraged the labeling schema by requiring that federal contractors procure devices with the cyber mark by 2027.
For years, government agencies have used a wide array of wireless equipment for their operations. Simington said it’ll be interesting to see whether that 2027 deadline is kept in place by the Trump administration.
Recent federal directives have hinted at this expansion, including a 2023 Office of Management and Budget memo that focused heavily on making government agency’s digital assets more cybersecure, said Michelle Sahar, who heads cybersecurity and AI policy at OpenPolicy.
“This direction aligns with the recognition that the attack surface continues to expand across all interconnected assets, underlining the need for a trusted, adaptive IoT cybersecurity labeling framework,” she said.
The commissioner on Wednesday also said that the FCC has been able to do effective cybersecurity work by partnering with other law enforcement and intelligence agencies, and suggested the agency “probably will never have the specialized knowledge to be a policy originator of first impression” for cybersecurity expertise.
“If the FCC tries to reinvent the wheel on these topics, as opposed to implementing recommendations that primarily originate outside the FCC, then I think that’s probably the wrong way to run things,” he said.
Telecom security became a hot button item for the FCC after a sweeping Chinese intrusion into at least nine U.S. telecommunications operators was discovered around a year ago. The Salt Typhoon hacks, as they became known colloquially, alarmed Washington in the final months of 2024 as investigators revealed the hacking unit accessed dozens of providers around the world and potentially other organizations.
The agency under Chairman Brendan Carr last month launched an internal national security council, aimed at deterring tech threats from China. Soon after, Carr said the group began probing a group of Chinese tech and telecom providers that the agency says could still be operating in the U.S. despite prior restrictions being levied on them.
]]>
Read more here:: www.nextgov.com/rss/all/
