Skip to main content
  • Capability

Cybersecurity Assurance and Compliance

Empowering trust in the marketplace by helping manufacturers and ecosystem stakeholders improve the security of IoT products and systems through its full suite of cybersecurity solutions.

Connected cities infographic


The Internet of Things (IoT) provides amazing possibilities for product development and is accelerating innovation at perhaps the fastest rate in history. Things that were nearly unheard of just a few years ago — tracking wellness on your watch or phone, a refrigerator that orders your groceries for you, payment from your phone with biometrics, and even mobile driver’s licenses are all now reality.

Building cybersecurity into connected products is a critical component needed to unlock the vast potential of IoT innovation. If done well, it empowers companies to successfully implement their business strategy, mitigate risks, protect their brand reputation, create product differentiation, and establish market leadership.

According to global research and advisory company, Gartner, 20.4 billion connected “things” will be in use by 2020. However, while manufacturers are eager to go to market with IoT products, building security measures into these devices often remains an afterthought. Interconnected technology is inherently linked with cyberthreats used by attackers who manipulate software vulnerabilities and weak links in ecosystems. As these threats continue to rise, companies must build cybersecurity into their organization, processes and product development life cycle, including updates and end-of-life after successful launch. Otherwise they risk being bypassed by competitors or, worse yet, may find themselves the center of the next breach.

We help innovators create safer, more secure products and technologies to enable their safe adoption by guiding them through the growing complexities across the supply chain.

We’ve seen wide industry acceptance of its cybersecurity solutions and standards. Recent achievements include recognition from the U.S. Food and Drug Administration (FDA) for UL’s cybersecurity Standard for testing of medical devices, designation as an Amazon-approved lab to perform security assessments for Alexa-enabled devices, standardizing the mobile driver’s license globally, and authorization as an approved cybersecurity provider for the Society for Worldwide Interbank Financial Telecommunication (SWIFT). Global clients utilizing UL’s cybersecurity services include Visa, Mastercard, Eaton, Johnson Controls, and ICU Medical, among many others.

While there is no silver bullet for solving IoT cybersecurity challenges, companies must begin to understand and address cybersecurity risks. This enables them to continue innovating and tackling an increasingly complex world of product and system interconnectivity with greater confidence.


With public safety at the core of our mission since 1894, we empower trust in the marketplace by helping manufacturers and brands improve the security of IoT products and systems through our full suite of cybersecurity solutions. These services are designed to help you understand and manage your risks, secure your products, and protect your brand’s integrity.

Smart payments and smart mobility

Leverage our trusted expertise to help you develop and implement secure innovations for the interconnected and cashless world. Explore Smart Payments and Smart Mobility solutions.

Smart ecosystems

From compliance and regulatory issues to trade challenges and market access, we offer the opportunity for industry to demonstrate their cybersecurity via conformity assessment, evaluation, compliance or certification. This allows companies to build trust, credibility and value across industries and ecosystems such as smart buildings, medical devices, industrial control systems, critical infrastructure and smart homes.

  • We are helping industries by collaborating with associations, stakeholders and manufacturers to incorporate baseline security requirements into and across the supply chain. Access UL’s IoT Security Top 20 Design Principles.
  • The UL Cybersecurity Assurance Program (UL CAP) aims to minimize risks by creating standardized, testable criteria for assessing software vulnerabilities and weaknesses in IoT products and systems. This helps reduce exploitation, address known malware, enhance security controls, and expand security awareness.
City with number infographic

UL CAP and the UL 2900 series of Standards

Based on the UL 2900 series of Standards and other industry standards, UL CAP’s full suite of advisory, testing and certification services is designed to help organizations manage their cybersecurity risks and validate their cybersecurity capabilities to the marketplace.

Learn more

Strengthening security in cyber

Why UL

Benefits of working with UL for cybersecurity include:

  • Independent trusted third party
  • More than 20 years of cybersecurity expertise
  • Full life cycle solutions
  • Industry knowledge
  • Providing cybersecurity assurance
  • Cybersecurity and safety
  • Certification to standards

Built on a foundation of:

  • More than 550 security analysts globally
  • Extensive knowledge of best practices
  • UL 2900 Series of Standards
  • IEC 62443 Family of Standards

“Working with UL on cybersecurity provides us with a competitive advantage because of that independent third-party Verification. We think that carries a lot of weight, it carries a lot of value and provides trust to our customers going forward.”

  • Michael Regelski, Eaton Senior Vice President and Chief Technology Officer - Electrical Sector
Get in Touch

Let us know how we can help.

Help and support

How can we help?