NIST Cybersecurity for IoT Draft Guidance: Rounding Up the Requirements

IoT devices are becoming integral elements of federal information systems, which is why NIST has released for public review draft guidance on defining federal IoT cybersecurity requirements, including supporting non-technical requirements. These four new documents expand the range of guidance for IoT cybersecurity, with the goal of ensuring IoT devices are integrated into the security and privacy controls of federal information systems.

The new documents are:

• SP 800-213, IoT Device Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements
• NISTIR 8259B, IoT Non-technical Supporting Capability Core Baseline
• NISTIR 8259C, Creating a Profile Using the IoT Core Baseline and Non-Technical Baseline, and
• NISTIR 8259D, Profile Using the IoT Core Baseline and Non-Technical Baseline for the Federal Government

In this upcoming webinar, the NIST authors will present key ideas from the documents and take questions. Join us for an informative session as the NIST Cybersecurity for IoT program seeks to continue to the conversation.

NIST looks forward to the community’s feedback on these drafts as we work to provide IoT cybersecurity guidance that aids both the vendor community and the customer community in taking advantage of the benefits that IoT devices can bring while thoughtfully and effectively responding to the associated risks.

Event Details

Date: Tuesday, January 26, 2021

Time: 1:00 pm - 3:00 pm

Location: A WebEx link will be provided upon registration.

For additional questions, please contact iotsecurity@nist.gov.