What happened
The Federal Communications Commission selected the ioXt Alliance as the new lead administrator for the U.S. Cyber Trust Mark Program, the government’s voluntary security labeling initiative for internet-connected devices. The program is designed to let approved testing labs evaluate IoT products against required standards so eligible devices can carry a government-backed security label. The FCC’s decision signals that the program is still moving forward under current leadership after uncertainty late last year, when UL Solutions withdrew from the role following scrutiny tied to its China connections. Under the new arrangement, ioXt will oversee ongoing stakeholder engagement, recommend additional IoT-specific standards and testing procedures, support consumer outreach, and act as a liaison between the FCC and other label administrators.
Who is affected
The direct impact falls on IoT device manufacturers, testing labs, retailers, and consumers participating in or relying on the Cyber Trust Mark program. The decision is also relevant to businesses whose purchasing choices may be influenced by the presence or absence of the security label on connected products.
Why CISOs should care
This matters because the Cyber Trust Mark program is shaping how IoT device security will be evaluated and communicated in the U.S. market. Even though the label is aimed at consumers, it is likely to influence broader procurement expectations and could affect how organizations assess baseline security in connected devices used across homes, offices, and operational environments.
3 practical actions
- Track labeling requirements closely: Review how the Cyber Trust Mark standards could affect connected device selection, procurement, and vendor expectations in your environment.
- Assess IoT purchase criteria now: Consider whether future buying decisions should account for products that qualify for government-backed security labeling.
- Watch the program’s next phase: Monitor how ioXt expands testing procedures, outreach, and additional standards because those decisions may shape practical security baselines for IoT products.
For more news about government efforts to strengthen cyber protections and product security standards, click Cybersecurity to read more.