Date Published: February 2018
Comments Due:
Email Questions to:
Author(s)
Interagency International Cybersecurity Standardization Working Group (IICS WG)
Editor(s)
Michael Hogan (NIST), Ben Piccarreta (NIST)
Announcement
The Interagency International Cybersecurity Standardization Working Group (IICS WG) was established in December 2015. The purpose of the IICS WG is to coordinate on major issues in international cybersecurity standardization and thereby enhance U.S. federal agency participation in international cybersecurity standardization.
The IICS WG has developed this draft report, NIST Interagency Report (NISTIR) 8200, Status of International Cybersecurity Standardization for Internet of Things (IoT). The intended audience is both the government and the public. The purpose is to inform and enable policymakers, managers, and standards participants as they seek timely development of and use of cybersecurity standards in IoT components, systems, and services.
This draft report:
- provides a functional description for IoT (Section 4);
- describes several IoT applications that are representative examples of IoT (Section 5);
- summarizes the cybersecurity core areas and provides examples of relevant standards (Section 6);
- describes IoT cybersecurity objectives, risks, and threats (Section 7);
- provides an analysis of the standards landscape for IoT cybersecurity (Sections 8 and 9); and
- maps IoT relevant cybersecurity standards to cybersecurity core areas (Appendix D).
This draft report is based upon the information available to the participating agencies. Comments are now being solicited to augment that information, especially on the information about the state of cybersecurity standardization for IoT that is found in Sections 8, 9, 10, and Annex D. Your feedback on this draft publication is important. It will help to shape the final publication so that it best meets the needs of the public and private sectors.
Comments will be posted as they are received, at https://www.nist.gov/itl/comments-draft-nistir-8200.
The Interagency International Cybersecurity Standardization Working Group (IICS WG) was established in December 2015 by the National Security Council’s Cyber Interagency Policy Committee (NSC Cyber IPC). Its purpose is to coordinate on major issues in international cybersecurity standardization and thereby enhance U.S. federal agency participation in international cybersecurity standardization.
Effective U.S. government participation involves coordinating across the U.S. government and working with the U.S. private sector. There is a much greater reliance in the U.S. on the private sector for standards development than in many other countries. Companies and industry groups, academic institutions, professional societies, consumer groups, and other interested parties are major contributors. Further, the many Standards Developing Organizations (SDOs) who provide the infrastructure for the standards development are overwhelmingly private sector organizations.
On April 25, 2017, the IICS WG established an Internet of Things (IoT) Task Group to determine the current state of international cybersecurity standards development for IoT. This Report is intended for use by the IICS WG member agencies to assist them in their standards planning and to help to coordinate U.S. government participation in international cybersecurity standardization for IoT. Other organizations may also find this useful in their planning.
The Interagency International Cybersecurity Standardization Working Group (IICS WG) was established in December 2015 by the National Security Council’s Cyber Interagency Policy Committee (NSC Cyber IPC). Its purpose is to coordinate on major issues in international cybersecurity standardization and...
See full abstract
The Interagency International Cybersecurity Standardization Working Group (IICS WG) was established in December 2015 by the National Security Council’s Cyber Interagency Policy Committee (NSC Cyber IPC). Its purpose is to coordinate on major issues in international cybersecurity standardization and thereby enhance U.S. federal agency participation in international cybersecurity standardization.
Effective U.S. government participation involves coordinating across the U.S. government and working with the U.S. private sector. There is a much greater reliance in the U.S. on the private sector for standards development than in many other countries. Companies and industry groups, academic institutions, professional societies, consumer groups, and other interested parties are major contributors. Further, the many Standards Developing Organizations (SDOs) who provide the infrastructure for the standards development are overwhelmingly private sector organizations.
On April 25, 2017, the IICS WG established an Internet of Things (IoT) Task Group to determine the current state of international cybersecurity standards development for IoT. This Report is intended for use by the IICS WG member agencies to assist them in their standards planning and to help to coordinate U.S. government participation in international cybersecurity standardization for IoT. Other organizations may also find this useful in their planning.
Hide full abstract
Keywords
cybersecurity; cybersecurity objectives; cybersecurity risks; cybersecurity threats; IT; information technology; IoT; Internet of Things; IoT components; IoT systems; SDO; standards developing organizations; standards; standards gaps
Control Families
None selected