On February 4, the National Institute of Standards and Technology (NIST) issued several documents and updates that spell out software security guidance and recommended consumer labeling practices for software and IoT devices. NIST also laid out its approach to consumer cybersecurity labeling projects.
These initiatives were mandated under President Biden’s wide-ranging executive order (EO) issued last May. They aim to tighten the federal government’s security requirements for the software products it purchases, hoping that the benefits will also flow to the private sector. The labeling initiatives aim to provide consumers greater insight into the security of the software and devices they purchase and spur greater transparency by consumer software and IoT device makers.
