Thanks to everyone who attended our July 22-23 workshop, Building the Federal Profile for IoT Device Cybersecurity: Next Steps for Securing Federal Systems. And, of course, a special “thank you” to our panelists including government and industry representatives from around the United States and abroad.
We were pleased to see over 500 participants – including nearly 200 attendees from the federal government representing nearly 30 agencies, as well as, state, local, and international government bodies. We were also grateful to have in attendance members of Congress, the news media, attorneys, researchers, academia, and others too numerous to mention here.
A video recording of the workshop is available at https://www.nist.gov/news-events/events/2020/07/building-federal-profile-iot-device-cybersecurity-next-steps-securing
We want to make sure we are… leveraging the federal government buying power, making sure that the federal government is demanding a level of security, and ensuring that the level of security is there… and I think that NIST is really helping us on driving what that looks like…”
NIST was honored to have Grant Schneider, senior director for cybersecurity policy at the National Security Council and federal chief information security officer, lead off our workshop with a keynote address and answer early questions from our participants with our own Kevin Stine, chief of the Applied Cybersecurity Division at NIST.
Mr. Schneider remarked at the workshop, “the security of IoT devices is something that I think we have not paid enough attention to…” setting the stage for two days of robust discussions across a range of questions posed by our participants and answered by our panelists.
NIST heard a number of themes from the presentations, questions, and poll results at the workshop. Prominent among those themes are:
A more complete list of themes and what was heard will be provided in the forthcoming summary report on the workshop.
Having heard so many of your questions and responses to our polls, NIST is pleased to see the interest in developing a Federal Profile of 8259A, which is available for review and feedback on our GitHub page. You may also submit comments via email to IoTSecurity [at] nist.gov ().
The Federal Profile on GitHub is the result of an initial analysis of federal government needs in order to identify a draft catalog of IoT device capabilities for use in U.S. federal government profiles. NIST is looking to incorporate all feedback received through late August into an update on the initial catalog released on GitHub.
Over the next few months, NIST will release for public comment a draft Special Publication to provide guidance to manufactures looking at federal customers. The document’s use cases will go beyond identifying the types of cybersecurity capabilities listed in NISTIR 8259A to explore even more technical and non-technical cybersecurity capabilities.
Below you can find our rollout of publication activities to date and through 2021.
Stay tuned! A summary of the entire workshop is scheduled for release in September!
Thank you for this informative post. I have used these tips and found them really useful.