HealthcareInfoSecurity Twitter
Kat Megas, program manager, NIST s Cybersecurity for IoT Program
The U.S. federal government is increasingly using IoT devices for across its agencies, but that has also raised concerns about security.
For example, the government is using drones to inspect the outside of buildings and also is implementing IoT smart controls for buildings, says Kat Megas, program manager for the National Institute of Standards and Technology’s Cybersecurity for IoT Program.
The use of IoT devices presents a variety of risks. For example, the devices could become infected as part of a botnet or could be targeted for ransom extortion campaigns, she says.
To embed, copy and paste the code into your website or blog:
The National Institute of Standards and Technology (NIST) has been an active driver of Internet of Things (IoT) cybersecurity efforts for several years, convening stakeholders from the federal government and the private sector to develop IoT risk management guidance. To date, NIST’s Cybersecurity for IoT Program has collaborated across the wide IoT ecosystem to develop seminal voluntary guidance, including an IoT Device Cybersecurity Capability Core Baseline, which defines a set of device cybersecurity capabilities for organizations to consider when managing IoT risk.
NIST’s important work in the IoT security space will continue in 2021. Recent developments – including the passage of the Internet of Things (IoT) Cybersecurity Improvement Act of 2020 (the IoT Cybersecurity Improvement Act) and a newly released slate of draft guidance documents – promise a busy year ahead for NIST, as well as multiple opportunities
Date Time
NIST Releases Draft Guidance on Internet of Things Device Cybersecurity
As the Internet of Things (IoT) grows to connect an amazing diversity of devices to electronic networks, four new publications from the National Institute of Standards and Technology (NIST) offer recommendations to federal agencies and manufacturers alike concerning effective cybersecurity for these devices.
The four related publications will help address challenges raised in the recently signed IoT Cybersecurity Improvement Act of 2020 and begin to provide the guidance that law mandates. Together, the four documents – NIST Special Publication (SP) 800-213 and NIST Interagency Reports (NISTIRs) 8259B, 8259C and 8259D – form a unit intended to help ensure the government and IoT device designers are on the same page with regard to cybersecurity for IoT devices used by federal agencies.