Date Published: November 1, 2021
Comments Due: December 16, 2021
Email Comments to: labeling-eo@nist.gov
This draft document advances assignments to NIST in Sec. 4 (s) of Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity” related to cybersecurity labeling for consumer software. It complements a similar document addressing cybersecurity-related consumer labeling for Internet of Things (IoT) products. The criteria in this document are based on extensive input offered to NIST in a September 2021 workshop and position papers submitted to NIST, along with the agency’s research and discussions with organizations and experts from the public and private sector. In accordance with the EO, NIST plans to produce a final version of these criteria by February 6, 2022.
NIST seeks comments on all aspects of the criteria contained in this draft document, including:
None selected
Publication:
Draft Baseline Criteria
Supplemental Material:
Consumer Software Criteria page (web)
NIST news article (web)
Document History:
11/01/21: White Paper (Draft)
Security and Privacy
general security & privacy
Technologies
software & firmware
Laws and Regulations
Executive Order 14028