What do you think of this voluntary approach?
IF it's approved, I think it's a good staring point and a good way to see if the IoT manufacturers will voluntarily adopt the standards within the program. Eventually, I'd like to see this mandatory in industries categorized as critical infrastructure.
Will it work or does it need more clout?
I hope so. IF it's approved, as consumers we need to help this along by only buying IoT products with the Cyber Shield label or any other frameworks the IoT device adheres to. Leaving customer reviews along the lines of, "Your product looks great but unfortunately I couldn't buy it because it doesn't adhere to current IoT standards to keep me safe". As security professionals, we'll need to step up and be loud about this IF it gets approved.
Edit: Cyber Shield Bill