Keysight Technologies has announced support for the voluntary national standard for consumer internet of things (IoT) cybersecurity labeling program unveiled by the Biden-Harris administration at the White House. Known as the U.S. Cyber Trust Mark, the IoT labeling program outlines a set of cybersecurity standards devised by the National Institute of Standards and Technology (NIST) and the Federal Communications Commission (FCC).
According to anti-virus and computer security service provider Kaspersky, cyberattacks on IoT devices more than doubled year-over-year in the first half of 2021. With the proliferation in the number of IoT devices and cyberattacks, consumers have become increasingly vulnerable to security breaches. Safeguarding consumers can be difficult for IoT device makers as cybersecurity testing is complex and expensive, with many manufacturers lacking security expertise.
“The internet of things is enormous and getting cybersecurity at scale will be crucial,” said Michael Bergman, Vice President, Technology & Standards, Consumer Technology Association. “Automated cybersecurity validation for consumer IoT has huge potential for companies to make their compliance uniform and repeatable.”
Keysight makes it easy and cost-effective for manufacturers to comply with the new White House IoT labeling standard and achieve certification right now with the Keysight IoT Security Assessment. This turnkey cybersecurity certification platform enables automated validation through a point-and-click interface, allowing device makers to quickly bring new IoT products to market without hiring a large team of cybersecurity experts.
Unlike disparate solutions, which require users to assemble and separately manage multiple tools, Keysight’s IoT Security Assessment combines traditional vulnerability assessment with a patented protocol fuzzing engine to provide a comprehensive report on discovered security flaws. Reports include information regarding Open Web Application Security Project (OWASP) vulnerabilities such as weak authentication and encryption, expired certificates, Android vulnerabilities and ADB exposures, known CVEs, and embedded flaws in protocol stacks, such as Bluetooth Low Energy attacks like Sweyntooth and Braktooth.
Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technologies, said: “The U.S. Cyber Trust Mark will give consumers a way to know if the smart devices they’re purchasing are secure, and give companies a label to show their products meet cybersecurity standards. Together with our industry partners, we are making our homes, classrooms, and workplaces safer and less vulnerable to cyberattacks.”
Ram Periakaruppan, Vice President and General Manager, Network Test & Security Solutions, Keysight, said: “The cybersecurity landscape is constantly shifting, with a nonstop stream of new threats and vulnerabilities. By using the Keysight IoT Security Assessment, device designers and manufacturers can mitigate potential security issues. The solution automates the testing and validation process to reduce costs while speeding time-to-market.”
Satish Dhanasekaran, President and Chief Executive Officer, Keysight, said: “Connected devices of all types are reshaping the world around us – from healthcare and connected cars to consumer electronics and industrial controls. As a leader in IoT, 6G, and other new technologies, Keysight strongly supports the new IoT cybersecurity labeling standards introduced by the White House. We are pleased to share our expertise and tools to help enable device makers to quickly meet these critical new standards to safeguard consumers and manufacturers.”
Click here to learn more about Keysight's IoT security assessment.
Click here to read a related article on IoT security - The Three Pillars of Security for Medical IoT Devices.