Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

USA: NIST IoT Cybersecurity Program publishes two new documents on IoT cybersecurity considerations

The National Institute of Standards and Technology ('NIST') Cybersecurity for the Internet of Things ('IoT') program announced the publication, on 17 June 2022, of the draft NIST Internal Report ('NISTIR') 8425, titled 'Profile of the IoT Core Baseline for Consumer IoT Products', and, on 21 June 2022, of a discussion essay titled 'Ideas for the Future of IoT Cybersecurity at NIST: IoT Risk Identification Complexity'.

In particular, NISTIR 8425 recalls the consumer IoT cybersecurity criteria from NIST's February 2022 white paper on Recommended Criteria for Cybersecurity Labeling for Consumer Internet of Things (IoT) Products, and incorporates such criteria into the family of NIST's IoT cybersecurity guidance. Also, NISTIR 8425 documents the cybersecurity capabilities commonly needed for the consumer IoT sector, and discusses the foundations to developing NIST's recommended consumer profile.

Furthermore, with regard to the discussion essay, it explores the topic of risk identification in IoT, and outlines key questions to address risks for IoT devices.

You can read the press release here, NISTIR 8425 here, and the discussion essay here.