NIST’s National Cybersecurity Center of Excellence (NCCoE) has published NIST Cybersecurity Practice Guide Special Publication (SP) 1800-15, Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD). IoT devices are often vulnerable to malicious actors who can exploit them directly and use them to conduct network-based attacks. SP 1800-15 describes for IoT product developers and implementers four different implementations that use MUD to automatically limit IoT devices to sending and receiving only the traffic that they require to perform their intended functions.
If you have questions or would like to join our Community of Interest, please email the project team at mitigating-iot-ddos-nccoe@nist.gov.
Security and Privacy: configuration management, controls, identity & access management, security automation, threats
Technologies: networks
Applications: cybersecurity framework, Internet of Things, small & medium business
Laws and Regulations: Executive Order 13800