White House's Internet of Things Security Initiative Gets an Official Meeting Date

The White House is set to host industry and government representatives Oct.19 in charting a course to label devices designed to connect to the internet—described as the Internet of Things—according to their level of security, according to a senior official.   

“I'm excited to announce the White House is hosting a summit on Internet of Things security on the 19th of this month,” Stephen Kelly, senior director for cybersecurity and emerging technology with the National Security Council, said during an event hosted by the National Cybersecurity Alliance Thursday. “We've invited a range of stakeholders from device manufacturers, industry associations ... and members of Congress to discuss what is needed to foster an effective IoT security labeling ecosystem.”

The event was held to mark cybersecurity awareness month, during which officials are encouraging the general public to “see yourself in cyber” and connected the labeling initiative to broader national security concerns in cyberspace. 

“The challenge extends well beyond critical infrastructure services,” Kelly said. “Everyday products found in our homes—such as networked appliances, doorbell cameras, thermostats, smart speakers—are proliferating at a staggering rate, further expanding our attack surface. Wouldn't it be nice if security were built in by default?”

He added that the increased transparency associated with such a labeling initiative would then enable more informed purchasing decisions.

A fact sheet the White House published on Tuesday provided a few more details about the initiative. It echoes provisions of Executive Order 14028, which President Joe Biden issued in May 2021 as a response to hacking campaigns that compromised SolarWinds, Colonial Pipeline and others—including several federal agencies. 

On Wednesday, the White House followed the fact sheet—titled “Biden-⁠Harris Administration Delivers on Strengthening America’s Cybersecurity”—with the release of a national security strategy that was expected at the start of the year. 

The national security strategy does not mention a national cyber strategy, which is yet to come from the Office of the National Cyber Director. But ONCD Principal Deputy Director Kemba Walden is part of an interagency effort to harmonize technology standards with the European Union and other allies in order to guide the government’s investment of federal dollars to better compete with China and defend against adversaries in cyberspace.  

“The newly established U.S.-EU Trade and Technology Council is coordinating approaches to setting the rules of the road on global technology, economic and trade issues based on shared democratic values,” reads the national security strategy. “Our AUKUS security partnership with Australia and the United Kingdom promotes stability in the Indo-Pacific while deepening defense and technology integration.”