U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST Updates IoT Cybersecurity Guidance and Accompanying Catalog
November 29, 2021

NIST has released final IoT-specific guidance to federal organizations to support extending their risk management process to the inclusion of IoT devices in federal systems. This guidance enables understanding and definition of IoT device cybersecurity requirements (NIST SP 800-213) using an accompanying catalog (NIST SP 800-213A):   

The revised publications offer a set of documentation focused on bridging the gap between IoT devices suppliers and federal customers, with the understanding that the Risk Management Framework (RMF) is the starting point for all federal systems cybersecurity. Based on stakeholder feedback and considering the guidance package as a whole, Draft NISTIR 8259D, Profile Using the IoT Core Baseline and Non-Technical Baseline for the Federal Government, was withdrawn and an updated version, responding to comments received, is now an appendix in SP 800-213A.

See more information in Convergent Evolution: SP 800-213, the Federal Profile, and the IoT Cybersecurity Catalogon the NIST Cybersecurity for IoT Program site.

Related Topics

Security and Privacy: acquisition, program management, risk management

Technologies: hardware

Applications: cybersecurity framework, Internet of Things

Created November 29, 2021, Updated December 06, 2021