"NIST Releases Draft Guidance for IoT Cybersecurity"
The National Institute of Standards (NIST) has released a draft version of Special Publication (SP) 800-213 and a number of supporting documents developed to provide cybersecurity guidance to manufacturers of Internet of Things (IoT) devices. The draft version of SP 800-213 highlights certain concerns that Federal agencies must consider when obtaining IoT devices, further expanding upon NIST's Cybersecurity Framework and its Risk Management Framework. This guide includes ten specific questions that agencies should ask when establishing requirements. These questions cover aspects such as the interaction of an IoT device with the broader network. The document includes recommendations on what agencies should look for regarding the security capabilities that an IoT device needs to provide before it is integrated into Federal information systems. This article continues to discuss the goal and contents of the draft version of SP 800-213 and other draft documents on IoT security released by NIST.
MeriTalk reports "NIST Releases Draft Guidance for IoT Cybersecurity"