NIST IoT Cybersecurity Program Releases Two New Documents
September 20, 2022

NIST’s Cybersecurity for the Internet of Things (IoT) program has released two new documents:

• The final version of Profile of the IoT Core Baseline for Consumer IoT Products (NIST IR 8425). The public draft (June 2022) took the consumer IoT cybersecurity criteria from our February 2022 white paper on Recommended Criteria for Cybersecurity Labeling for Consumer Internet of Things (IoT) Products and formally incorporated them into NIST’s family of IoT cybersecurity guidance. This final version addresses feedback received by NIST on the June 2022 draft.
• Workshop Summary Report for “Building on the NIST Foundations: Next Steps in IoT Cybersecurity” (NIST IR 8431). This IR reviews the keynote presentations from our June 2022 virtual workshop, and identifies NIST’s key takeaways and next steps based on the workshop discussions and Q&A.

The new consumer profile reflects the next steps discussed in the summary report on the work done on the IoT cybersecurity labelling criteria portion of the work responding to Executive Order 14028. This profile builds on prior releases and the stakeholder feedback they generated.

Questions?
If you have questions about these documents, please send an email to iotsecurity@nist.gov.

To learn more about the Cybersecurity for IoT Program, visit the NIST website, and follow @NISTcyber on Twitter using #IoTSecurityNIST to join the conversation around topics in cybersecurity for consumer IoT devices during and after the workshop.