NIST releases proposed draft criteria for consumer software cybersecurity label

The National Institute of Standards and Technology has published a draft template for its consumer software cybersecurity labeling effort required under a May executive order, with a focus on developing baseline criteria rather than launching a formal program.

The executive order tasks NIST with several deliverables to secure the government’s software supply chain. NIST was also directed to develop criteria for two cyber labeling efforts for consumers of software and Internet of Things devices, and held a public workshop...