Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Workshop on Cybersecurity Labeling Programs for Consumers: Internet of Things (IoT) Devices and Software

On September 14-15, 2021, NIST will host a virtual public workshop on challenges and practical approaches to initiating cybersecurity labeling efforts for Internet of Things (IoT) devices and consumer software.  The workshop will help NIST to carry out an Executive Order (EO) on Improving the Nation’s Cybersecurity. The agenda for the workshop will include facilitated panel discussions and presentations based on consumer software labeling position papers submitted to NIST and on preliminary feedback on potential IoT baseline security criteria that was shared by NIST in August.

According to the EO, by February 6, 2022, in coordination with the Federal Trade Commission (FTC) and other agencies, NIST is required to:

  • identify IoT cybersecurity criteria for a consumer labeling program and
  • identify secure software development practices or criteria for a consumer software labeling program.

Advance registration for the no-fee workshop is required. Participants will be able to submit questions online during the sessions. A recording of the workshop is expected to be available after the event.

Agenda (PDF)

Day One – September 14, 2021

 

Welcome/Goals for Consumer Labeling Projects (10:00-10:20am)

Warren Merkel, NIST

Kevin Stine, NIST

Panel: International Approaches to Cybersecurity Certification (10:20-11:20am)

Moderator: Amy Mahn, NIST

Panelists (Confirmed):

Speaker Name

Organization

Soon Chia

Cyber Security Agency of Singapore (CSA) - Presentation

Peter Stephens

DCMS, UK Government - Presentation

Isabelle Roccia

BSA

Richard O’Brien

CPSC

 

Panel: Consumer Perspectives (11:20-12:20pm)

Moderator: Julie Haney, NIST

Panelists (Confirmed):

Speaker Name

Organization

Shane Johnson

Director, Dawes Centre for Future Crime, University College London

John Banghart

Cybersecurity Coalition

Jean Camp

Director of Center for Security and Privacy in Informatics, Computing, and Engineering, Indiana University

Anu Devi

Trustworthy IoT Coalition, World Economic Forum

 

Break (12:20-1:00pm)

 

Technical Criteria for Consumer IoT: A Starting Point (1:00-2:15pm)

Moderator: Barbara Cuthill, NIST

Panelists: Kat Megas, NIST, Paul Watrobski, NIST; Mike Fagan, NIST

Break (2:15-2:30pm)

Panel: Considerations for Technical Criteria for Consumer IoT Products (2:30-3:45)

Moderator: Michael Fagan, NIST

Panelists (Confirmed):

Speaker Name

Organization

Drew Bagley

CrowdStrike

Samir Jain

CDT

Maria Rerecich

Consumer Reports

Dave Kleidermacher

Google

Beau Woods

I am the Cavalry

 

What We Heard Today, What’s Up Tomorrow (3:45-4:00pm)

Warren Merkel, NIST

Adjourn (4:00pm)

 

Day Two – September 15, 2021

Goals of Consumer Software Project (10:00-10:20am)

Michael Ogata, NIST

Panel: Federal Agency Perspectives(10:20-11:20am)

Moderator: Robert Morgus, U.S. Cyberspace Solarium Commission

Panelists (Confirmed):

Speaker Name

Organization

Ann Bailey

EPA

Hampton Newsome

FTC

Tim Smith

CPSC

 

Panel: Scoping the Software Label: The Who and What(11:20-12:20pm)

Moderator: Michael Ogata, NIST

Panelists (Confirmed):

Speaker Name

Organization

Alexa Lee

ITI

Mary Ellen Zurko

MIT Lincoln Laboratory

Douglas Biggs

Underwriters Laboratory

Jeff Williams

Contrast Security

 

Break (12:20-1:10pm)

Panel: Technical Requirements for Software Cybersecurity Labels(1:10-2:30pm)

Moderator: Michael Ogata, NIST

Panelists (Confirmed):

Speaker Name

Organization

David Wheeler

The Linux Foundation

Chris Wysopal

Veracode

Steven B. Lipner

SAFECode

Brian Glas

OWASP

Tony Rice

Microsoft

Break (2:30-2:45 Pm)

Panel: Approaches to Conformity Assessment and Attestation (2:45-3:45pm)

Moderator: Amy Phelps, NIST

Panelists (Confirmed):

Speaker Name

Organization

Karin Athanas

TIC Council

Reinaldo Figueiredo

CASCO Chair

Gary Jabara Mobilitie

What We Heard Today and Next Steps (3:45-4:00pm)

Warren Merkel, NIST

Adjourn (4:00pm)

 

 

Created July 16, 2021, Updated September 23, 2021