Officials and Executives Discuss Cyber Labels, Agentic AI, and Resilience

LAS VEGAS, Jan. 6, 2026 — Federal procurement rules, cybersecurity labeling programs and a White House executive order expected as soon as this month were already reshaping how governments and companies built trust in artificial intelligence and connected devices, U.S. and foreign officials said Tuesday at CES, as autonomous AI systems moved from experimentation into real-world use.

The comments came during the "Trusted Tech: Securing Innovation in a Connected World" panel. In it, David Grossman, vice president of regulatory affairs at the Consumer Technology Association, said that it had been reported that the Trump administration was preparing to release a new national cybersecurity strategy, potentially accompanied by an executive order or national security memorandum later in January.

He asked panelists what they would like to see in the plan.

The anticipated action comes at a time in which AI-powered systems were beginning to be deployed across networks, enterprises and government operations.

Against that backdrop, officials from the United States and Singapore said governments were increasingly relying on baseline standards, certification programs and procurement leverage to manage risk without dictating how technologies must be built.

Hubert Han, digital counsellor at the Embassy of Singapore to the United States, said governments already made risk-based judgments in areas such as procurement and product certification and were now applying the same logic to emerging AI systems.

“Not having control is something that takes a lot of getting used to,” Han said, pointing to Singapore’s cybersecurity labeling program, which sets baseline security requirements without prescribing product design. Trust, he said, was built when technologies repeatedly demonstrated predictable behavior in real-world use.

Singapore has treated cybersecurity as an economic enabler rather than solely a national security issue, Han said. The country’s digital economy accounts for about 19 percent of gross domestic product, and policy has focused on practical cyber hygiene tools that smaller firms can adopt quickly.

From the U.S. government perspective, Kat Megas, a senior policy adviser at the Department of Commerce who also leads cybersecurity and AI work at the National Institute of Standards and Technology, said trust frameworks were often misinterpreted as static compliance checklists.

“Trustworthiness depends on the use case,” Megas said, noting that industrial control systems may prioritize safety and reliability, while consumer devices place greater emphasis on cybersecurity and privacy.

Megas said the rise of AI agents,  systems that can take actions on networks or on behalf of users, were already challenging long-standing assumptions about accountability and oversight. NIST last month released a preliminary cybersecurity profile for AI systems addressing agent authentication, authorization and traceability. The draft drew more than 24,000 downloads in its first weeks.

Industry executives said market incentives were already pushing companies toward stronger security practices. Cordell Hull, executive vice president and head of U.S. public affairs at Samsung Electronics America, said cybersecurity was increasingly embedded at the design stage as AI-driven features expanded.

Cybersecurity labeling programs were cited as a key mechanism translating policy into market behavior. Singapore launched its labeling scheme in 2020 and now has more than 850 certified products, Han said, with governments and large enterprises increasingly requiring certified devices in contracts.

Correction: A prior version of this article reported that Grossman said the Trump administration was preparing to release a new national cybersecurity strategy. In fact, Grossman said that it had been reported that the administration was preparing to release a strategy. The story has been corrected.