This is a great initiative and will be crucial for keeping a free and open society running smoothly in a more hostile information security environment.
My suggestion is to have a look at the work done in the European Union with Cyber Resillience Act. Much can be said about what EU is doing and the competence of the legislators there, but CRA is actually quite decent. If an upcoming FCC regulation would be somewhat aligned with what is required for CE-compliance, the life for us working with developing IoT-products with a global footprint will be much easier!
This is a great initiative and will be crucial for keeping a free and open society running smoothly in a more hostile information security environment.
My suggestion is to have a look at the work done in the European Union with Cyber Resillience Act. Much can be said about what EU is doing and the competence of the legislators there, but CRA is actually quite decent. If an upcoming FCC regulation would be somewhat aligned with what is required for CE-compliance, the life for us working with developing IoT-products with a global footprint will be much easier!