Standards bodies urge NIST to consider third-party attestation for cyber labeling program

Two large standards organizations say NIST should utilize third-party attestation as part of the agency’s cybersecurity labeling program for consumer software.

The National Institute of Standards and Technology is working on two pilot programs for consumer software and Internet of Things devices and has released draft baseline criteria for both efforts. The ANSI National Accreditation Board (ANAB) and certification company UL weighed in on NIST’s proposed software criteria in recent public comments.

“ANAB agrees that the criteria will...