Executive Order 14028 on Improving the Nation’s Cybersecurity assigned NIST tasks on multiple topics. The Cybersecurity for IoT program is contributing to NIST’s multi-faceted response to E.O. 14028, and developed and published a draft baseline security criteria for consumer IoT devices. This baseline was released as a draft white paper for public comment. The comment period closed on October 18, 2021; with NIST receiving more than 400 comments. An updated discussion draft was released on December 3, 2021, followed by a workshop on December 9.
On February 4, 2022, NIST recommended criteria for cybersecurity labeling of IoT products. The E.O. 14028 website includes a page with details of the response to the IoT-oriented tasking from the E.O.