Estimates suggest that 66% of networks will have an IoT security breach by 2018*. Customers worldwide are asking UL to help support their organizations bring safer and more secure products and systems to market. The U.S. government’s Cybersecurity National Action Plan (CNAP) refers to the need of enhanced cybersecurity capabilities within the U.S. government and across the country.
Purchasers would like to address security in their supply chain by having an independent trusted third party, like UL, perform assessments on connected products and on the vendors that manufacture those products. UL CAP addresses consumer technology security concerns using testing, evaluation & certification.
UL CAP uses the new UL 2900-1 Standard to offer testable cybersecurity criteria for Consumer Technology products to assess software vulnerabilities and weaknesses, minimize exploitation, address known malware, review security controls and increase security awareness. The program allows vendors to concentrate on product innovation with emerging technologies and capabilities to meet the ongoing needs of the marketplace. For increased flexibility, vendors can select the UL CAP services best suited for their current needs.
UL cybersecurity services for network-connectable products and systems include:
- Testing security criteria based on UL 2900 cybersecurity standards or specified requirements
- Testing leading to certification based on UL 2900 cybersecurity standards
- Evaluation and risk assessment of vendor processes for developing and maintaining security products and systems
- Training in security readiness for product design and sourcing
Why evaluate your Consumer Technology products for cybersecurity?
Not only is there a rise in the number of cyber attacks occurring, the sophistication of them has also advanced. With the imminent increase in connecting devices to networks, it is imperative that Consumer Technology products are evaluated for cybersecurity to help ensure reliability, decrease downtime, prevent damage to assets, mitigate risk, improve security, and maintain health and safety.
Consumer Technology Product Testing Deliverables:
|Certification||Certificate of compliance to UL 2900-1 indicating UL 2900 compliant|
|Testing||Test report based on some or all of UL 2900-1 requirements or customer specified requirements|
|Training||UL 2900 Standard for Consumer Technology Products and best practices for identifying and mitigating risk associated with vulnerabilities in Consumer Technology products|
Why Choose UL
The UL CAP was developed with input from major stakeholders representing the U.S. Federal government, academia and industry to elevate the security measures deployed in the critical infrastructure supply chain. In fact, the UL CAP services and software security efforts are recognized within the U.S. White House Cybersecurity National Action Plan (CNAP) as a way to test and certify network-connectable devices within the IoT supply chain.
Early adoption of the UL CAP provides a competitive advantage by differentiation in the marketplace and can help mitigate risk due to potential consequences of a cyberattack.
- Unplanned downtime and loss of production
- Costly harm to assets
- Reputation damage
* Source: IDC Research, Inc.