Consumer Reports, a nonprofit organization that conducts non-biased and extensive reviews on cars, appliances, and other consumer goods, is preparing for the inclusion of cybersecurity and privacy safeguards when scoring products.
The group said today that it had joined forces with numerous outside organizations to create methodologies for reviewing how easily a product can be hacked and how well customer data is secured. Consumer Reports says they will gradually implement these new methodologies to their review process, starting with test projects that evaluate small numbers of products.
This announcement comes in the wake of increased cyber-attacks leveraging easy to exploit vulnerabilities found in today’s IoT devices, including webcams, routers, video recorders, and even children’s toys.
Security researchers believe there are currently no incentives implemented that are urging manufacturers to build these IoT devices with security safeguards in place. “We need to shed light that this industry really hasn’t been caring about the build quality and software safety,” said Peter Zatko, Director at Cyber Independent Testing Lab.
The first draft of these standards is currently available online at thedigitalstandard.org
Among the variables measured include reviewing whether the software is built using best security practices, studying how much information is collected about the consumer, and determining whether companies delete all user data once an account is terminated.
Learn more about System Hardening
Read this article on Reuters