Explore all of ul.com

Cyber attacks are happening more frequently and affect consumers and businesses alike. Data breaches cost businesses millions of dollars and dilute consumer confidence. Security experts warn that the connected nature of Internet of Things (IoT) devices will give rise to more cyber attacks making cybersecurity more important than ever.

Criminals target cybersecurity flaws in IoT devices to spread computer viruses to harm the network and any systems attached to the network. DDoS (Distributed Denial of Service) attacks are increasingly enabled by botnets made up of hackable IoT devices. Smart home entertainment systems, digital appliances, and connected vehicle systems, next to traditional network equipment, are all at risk. Cybersecurity, and specifically IoT security, is now a top risk management and regulatory concern.

Facing consumer and regulatory challenges, manufacturers need to minimize cyber risk and protect brand reputation. UL created the UL 2900 standard series based IoT security program to address growing cybersecurity concerns. The UL 2900 standards provide manufacturers with testable and measurable criteria to assess software vulnerabilities, weaknesses, and the presence of applicable security controls in the design, development and maintenance of network-connectable products.

UL 2900 is the foundation of the UL Cybersecurity Assurance Program (CAP) for consumer technology products, in particular IoT and network devices.

UL 2900 is recognized by the U.S. White House Cybersecurity National Action Plan (CNAP) as the standard for testing network-connectable products and the U.S. Food and Drugs Administration (FDA) for testing medical devices. It is also recognized as an ANSI (American National Standards Institute) standard. 

Through the CAP, UL Consumer Technology Services works with IoT product manufacturers to:

  1. Identify gaps in cybersecurity;
  2. Test and certify IoT products and/services to UL 2900 series of cybersecurity standards and;
  3. Design with security in mind.

At the same time, UL offers a Vehicle CyberSecurity Program (VSCP) to help car manufacturers to minimize cyber risks through threat analysis, risk assessments, testing for possible vulnerabilities, and validating security protection measures.

Global Market Access

Apart from voluntary testing services such as CAP and VCSP, UL helps manufacturers simplify multiple market compliance by bundling product tests and certifications to meet all relevant national and regional market standards. Regardless of your location, this ‘one-stop-shop’ simplifies the process, reduces administrative and project management costs, and accelerates access to any and every market.