Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Consumer IoT Cybersecurity

Improving Consumer IoT Cybersecurity

Executive Order 14028 on Improving the Nation’s Cybersecurity assigned NIST tasks on multiple topics. The Cybersecurity for IoT program is contributing to NIST’s multi-faceted response to E.O. 14028, and developed and published a draft baseline security criteria for consumer IoT devices. This baseline was released as a draft white paper for public comment. The comment period closed on October 18, 2021; with NIST receiving more than 400 comments. An updated discussion draft was released on December 3, 2021, followed by a workshop on December 9.

On February 4, 2022, NIST recommended criteria for cybersecurity labeling of IoT products. The E.O. 14028 website includes a page with details of the response to the IoT-oriented tasking from the E.O.

On September 19, NIST published, NIST IR 8425Profile of the IoT Core Baseline for Consumer Products. This IR takes into account the responses to the pilot work and is the final version of NIST’s recommendations for Cybersecurity features in Consumer IoT Products.

Created November 9, 2021, Updated September 26, 2022