Breaking Down the U.S. Cyber Trust Mark

The day-to-day convenience offered by smart technology is a no-brainer. However, the security risks that can emerge if the data that feeds into these items is mishandled must be considered. 

 Recognizing this, the Federal Communications Commission (FCC) is establishing the U.S. Cyber Trust Mark, a voluntary cybersecurity labeling program for wireless consumer IoT products.  

It's poised to be significant step forward for IoT security. But what exactly does it mean? 

 What is the U.S. Cyber Trust Mark?  

The U.S. Cyber Trust Mark was introduced to help consumers make more secure buying decisions on select IoT and smart devices. Per Silicon ANGLE, it is a voluntary labeling program that is set up to help consumers easily identify products (via a shield-style label) that meet pre-established cybersecurity standards, addressing concerns over security risks associated with IoT devices that might be otherwise overlooked. The criterion for labeling is based on the standards for IoT products set out in 2022 by the National Institute of Standards and Technology (NIST). 

 While the program is voluntary, U.S. Deputy National Security Advisor Anne Neuberger shared with media that the White House is developing an executive order that will ensure the U.S. government can only buy products with the Cyber Trust Mark crest starting in 2027.  

 Major retailers like Amazon, Best Buy, Google and more have expressed support in the program and plan to showcase products featuring the U.S. Cyber Trust Mark once applicable. Per the FCC, the program will rely on public-private collaboration, with the FCC providing oversight and approved cybersecurity label administrators managing activities like evaluating applications, authorizing label use, customer education and more.  

Where did the labeling program come from? 

The U.S. Cyber Trust Mark didn’t just emerge once the clock struck midnight on January 1, 2025. The Biden administration first announced the program in June 2023 as a way to help consumers make more informed decisions on choosing secure smart devices and IoT products. Now in the process of fine-tuning details, the FCC recently announced UL Solutions as “Lead Administrator,” which means that UL Solutions will be responsible for identifying and developing the IoT-specific standards and testing procedures for the program and recommending these to the FCC.  

 Many argue the need to start somewhere. In that regard, the Cyber Trust Mark represents a starting point to improve IoT security—especially considering how intertwined these devices have become in our daily lives. As we continue to navigate the ever-evolving digital age, the U.S. Cyber Trust Mark appears to be solid first step toward more secure consumer technology. 

Additional Cyber Trust Mark Resources 

• Official FCC U.S. Cyber Trust Mark program page
• NIST Cybersecurity for IoT Program page
• Official FCC Public Notice announcing UL Solutions as Lead Administrator
• Lead Administrator’s Call for Stakeholders