Our research shows that there is no one-size-fits-all approach to securing the Internet of Things. That’s why we have released Draft NISTIR 8200, Interagency Report on Status of International Cybersecurity Standardization for the Internet of Things (IoT)—and why we want to hear from you.
With this draft report, we hope to inform and enable policymakers, managers and standards participants as they seek timely development and use of cybersecurity standards in IoT components, systems and services.
This effort began with the Interagency International Cyber Security Working Group (IICS WG), in direct response to recommendations from the Interagency Report on Strategic U.S. Government Engagement in International Standardization to Achieve U.S. Objectives for Cybersecurity (NISTIR 8074 Volume 1). The working group coordinates on major issues in international cybersecurity standardization and established a task group to develop a report on the status of international cybersecurity standards that are relevant to IoT. NIST convenes the IICS WG and co-chairs, with DHS, the IoT Task Group.
Because of the rapid adoption of IoT devices—and the cybersecurity and privacy concerns surrounding them—the draft NISTIR aims to update stakeholders on the development and use of cybersecurity standards in IoT.
This draft report, based upon the information available to the participating agencies, includes:
- A functional description of IoT;
- Several applications that are representative examples of IoT;
- Cybersecurity core areas and examples of relevant standards;
- IoT cybersecurity objectives, risks and threats;
- Analysis of the standards landscape for IoT cybersecurity; and
- IoT-relevant cybersecurity standards related to cybersecurity core areas.
Why are we asking for feedback?
It’s likely that IoT will need a variety of standards, so we are seeking to hear from a broad range of stakeholders during our open comment period. This will give us a better understanding of industry’s full take on adopting IoT standards (including potential barriers to adoption). Ultimately, we seek to understand what gaps currently exist in the marketplace, and learn more about how standards can help fill these gaps.
This feedback is critical for shaping the final publication so it meets the needs of the public and private sectors—so we really appreciate your input. Thank you in advance!
How to provide feedback:
Follow us on Twitter.