US Cyber Trust Mark
Your Roadmap to Cyber Trust Mark Compliance
This voluntary labeling initiave helps American consumers identify devices that meet rigorous security standards established by NIST and incentivizes the production of cyber-secure devices, helping to improve IoT security. Take steps to comply today and earn the coveted shield logo for your products.
What's New with the Cyber Trust Mark?
Jan 7th, 2025: The White House officially announces the launch of the U.S. Cyber Trust Mark
Core Requirements

Identify
Understand and manage cybersecurity risks to systems, assets, data, and capabilities.
Categories include:
- Asset management
- Business Environment
- Governance
- Risk assessment
- Risk management strategy
- Supply chain risk management

Protect
Develop and implement safeguards to ensure critical services and data are delivered securely.
Categories include:
- Identity management & access control
- Awareness & training
- Data security
- Information protection processes & procedures
- Maintenance
- Protective technology

Detect
Identify cybersecurity incidents promptly.
Categories include:
- Anomalies & events
- Security continuous monitoring
- Detection processes

Respond
Take action when a cybersecurity event is detected to minimize its impact.
Categories include:
- Response planning
- Communications
- Analysis
- Mitigation
- Improvements

Recover
Restore services and operations after a cybersecurity incident.
Categories include:
- Recovery planning
- Improvements
- Communications
-Jan-27-2025-05-41-04-8665-PM.png?width=1080&height=1080&name=Untitled%20design%20(1)-Jan-27-2025-05-41-04-8665-PM.png)
What needs to be certified?











6 Reasons to Opt Into the CTM Program
- Improved consumer confidence in your product — crucial for boosting sales in a crowded market
- Positions your company as a leader in cybersecurity best practices, giving you a competitive edge
- A stronger cybersecurity posture = reduced reputational risks from security breaches
- Participation contributes to a higher standard for IoT cybersecurity across the board
- Improves internal cyber security practices in order to maintain certification
- Gives your organization a head start on additional mandatory certifications like the EU Cyber Resilience Act
.png?width=500&height=425&name=platform%20images%20small%20(2).png)
How Finite State Can Help You Obtain the U.S. Cyber Trust Mark
Leverage expertise from former U.S. government officials and get the support you need to obtain the Cyber Trust Mark with
- Continuous transparency into the components that drive your connected device, wherever they originate
- The tools needed to validate assertions made by the bearers of the Cyber Trust Mark
- Tracking of known vulnerabilities to provide prioritization for ongoing improvement
- Expert services to assist in the assessment of product readiness before Cyberlab submission
The Future of IoT Security: Conversations from CES 2025
Matt Wyckhouse sits down with Jim Morrish of Transforma Insights at CES 2025 to discuss how new regulatory frameworks are transforming the connected device industry.
From Our Blog

U.S. Cyber Trust Mark: What Manufacturers Need to Know About This Voluntary (but Valuable) Certification

FCC Launches Cyber Trust Mark, a Voluntary Cybersecurity Labeling for Smart Products
