UL in this case stands for Underwriters Laboratories. An article on darkreading.com notes that a UL official, Maarten Bron, says that they are taking part in the U.S. government’s plan to promote security certification standards.
The U.S. government is interested in developing a UL-type program directed at computers and smartphones. This initiative will encourage the private sector and the government to create the standards.
So that’s what we have thus far; this initiative is in its early childhood stage, so there isn’t much more information about it that’s available to the media. UL is looking forward to sharing involvement with the White House’s initiative to unite the private
and public sectors to combat cybercrime.
In the meantime, UL is fine-tuning its own test and certification program for Internet of Things products.
The darkreading.com article quotes Bron as follows: “We are prepared to release a test and certification program for this,” that will be fueled by users’ concerns and needs.
Historically, UL has been involved with the testing and certifying of appliances for their electrical safety. About four years ago, UL developed a cybersecurity division. In the darkreading.com article, Bron points out that the security of electronic payments
is of particular concern, “namely certification of chip and PIN technologies.”
The transition from magnetic stripe credit cards (which are so easy to fraudulently use) to chip and PIN technology for the cards is underway.
UL has come up with some testing tools that cross-validate the settings from bank card chips against Visa best practices, says Bron. But that’s all just one slice of the cybersecurity pie.
Another big slice is health, and yet another big chunk relates to industrial control systems. UL wants to be on top of holes or vulnerabilities.