U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


Secure websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to our website. Please do not share sensitive information with us.

This is an archive
(replace .gov by .rip)


IoT Device Cybersecurity Capability Core Baseline

Date Published: May 2020

Planning Note (7/14/2020):

NISTIR 8259A is now available in Portuguese and Spanish translations.

(7/14/20) NIST is developing a federal profile of the Core Baseline established in NISTIR 8259A (“Federal Profile”) and seeks feedback from all stakeholders on this initial catalog of proposed IoT device cybersecurity capabilities and related non-technical capabilities. Learn more in the FAQ.

See the latest developments from the NIST Cybersecurity for IoT Program.


Michael Fagan (NIST), Katerina Megas (NIST), Karen Scarfone (Scarfone Cybersecurity), Matthew Smith (G2)



cybersecurity baseline; Internet of Things (IoT); securable computing devices
Control Families

None selected