The Internet of Things (IoT) is a rapidly evolving and expanding collection of diverse technologies that interact with the physical world. Yet many organizations are unaware of the large number of IoT devices already in use or how IoT devices may affect cybersecurity and privacy risks differently than conventional information technology (IT) devices.

NIST is seeking public comments on Draft NISTIR 8228, Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks. The purpose of this publication is to help federal agencies and other organizations better understand and manage the cybersecurity and privacy risks associated with their IoT devices throughout their lifecycles. This publication is an introductory document that provides the foundation for a planned series of publications on more specific aspects of this topic.

A public comment period for this draft document is open until October 24, 2018. See these publication details for a link to the draft document and a template for providing your comments.