Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology Laboratory /Applied Cybersecurity Division

NIST Cybersecurity for IoT Program

The Cybersecurity for IoT Program’s mission is to cultivate trust in the IoT and foster an environment that enables innovation on a global scale through standards, guidance, and related tools.

NISTIR 8259 Series

Read more about NIST's guidance for manufacturers and supporting parties creating IoT devices and products.

SP 800-213 Series

Read more about NIST guidance for Federal Agencies looking to deploy IoT devices in their systems.

Consumer IoT Products

Read more about the program's contributions to NIST's response to E.O. 14028 on improving Consumer IoT cybersecurity.

The Challenge

Fostering cybersecurity in the IoT ecosystem, across industry sectors and at scale

Recent Announcements

Comment period open until December 21, 2023 on the following documents:
- Preliminary Draft IoT Cybersecurity Profile for Consumer Grade Routers
- Discussion Essay - IoT Product Component Requirements

Comments can be sent to IoTSecurity [at] nist.gov (IoTSecurity[at]nist[dot]gov)

Slide deck from December 7, 2023 Discussion Forum on NIST's Cybersecurity Profile for Consumer Grade Routers now available.

The Internet of Things Advisory Board is holding its next meeting on December 12 and 13. The deadline for requesting to speak to the IoT Advisory Board is 5:00 PM on December 5, 2023. Please email requests and comments on the NIST IoT Advisory Board’s work at any time to Barbara Cuthill (barbara.cuthill [at] nist.gov (barbara[dot]cuthill[at]nist[dot]gov)). Register for the December Meeting.
SSDF and IoT Cybersecurity Guidance: Building Blocks for IoT Product Security (June 22, 2023)
NIST Selects ‘Lightweight Cryptography’ Algorithms to Protect Small Devices (February 7, 2023)
U.S. Department of Commerce Appoints Members for New Internet of Things Advisory Board (October 24, 2022)
Now available: NIST's final recommendations for Cybersecurity features in Consumer IoT Products, NIST IR 8425: Profile of the IoT Core Baseline for Consumer Products! This IR is the culmination of over a year of stakeholder involvement that included 3 workshops, multiple rounds of comments, and many conversations with stakeholders.

Earlier announcements can be found on the program’s Announcement History page.

About the Program

NIST’s Cybersecurity for the Internet of Things (IoT) program supports the development and application of standards, guidelines, and related tools to improve the cybersecurity of IoT systems, products, connected devices and the environments in which they are deployed. By collaborating with stakeholders across government, industry, international bodies, academia, and consumers, the program aims to cultivate trust and foster an environment that enables innovation on a global scale.

The IoT Cybersecurity Program charter was established at the end of 2016 with three overarching program goals.

Supports the development and application of standards, guidelines, and related tools to improve the cybersecurity of IoT systems and the environments in which they are deployed.

Collaborate with stakeholders across government, industry, international bodies, and academia.

Cultivate trust and foster an environment that enable innovation on a global scale.

Mailing List

The Cybersecurity for IoT program uses the GovDelivery to email announcements, join our mailing list to be among the first to receive NIST IoT cybersecurity news and information. Sign up or log in for email updates and select “IoT Cybersecurity” under Information Technology Laboratory (ITL) > Cybersecurity Programs.