Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Workshop on Cybersecurity Risks in Consumer Home IoT Products

The workshop featured an overview of NIST’s Cybersecurity for IoT Program and guest speakers highlighted the many considerations impacting the cybersecurity of IoT products. The introductory session was followed with panels discussing addressing cybersecurity challenges in home IoT products and a panel discussing barriers to implementing the core baseline NISTIR 8259A IoT Device Cybersecurity Capability Core Baseline in consumer IoT products. After the opening panels, attendees broke out into smaller groups for facilitated discussions about the most critical issues impacting implementation of stronger cybersecurity in consumer IoT devices. The workshop concluded with attendees reassembling to hear reports from each breakout facilitator, tying together any overriding themes and/or issues for future exploration. An agenda is available on the event information page.

Last year NIST published draft NISTIR 8267, Security Review of Consumer Home Internet of Things (IoT) Products, which documents NIST’s technical observations on the cybersecurity risks of current IoT products. The workshop will solicit industry insight on cybersecurity risks in consumer IoT products and future directions for the consumer home IoT product research.

Learn more about the Cybersecurity for IoT Program on the NIST website, and feel free to reach out with questions or comments via email at iotsecurity [at] (iotsecurity[at]nist[dot]gov). Also, remember to follow @NISTcyber for updates on NIST’s IoT and other cybersecurity activities, and use #IoTSecurityNIST on Twitter to follow and participate in the conversation around topics in cybersecurity for consumer IoT devices during and after the workshop.


Workshop on Cybersecurity Risks in Consumer Home IoT Products

October 22, 2020

12:00 - 4:30 PM ET

Draft Agenda 

12:00 - 12:20 PM ET


  • Overview of NIST IoT Cybersecurity program, core baseline and profiling work
  • Overview of NCCoE work related to Consumer IoT Cybersecurity
12:20 - 1:20 PM ET

Panel 1: What makes a consumer IoT device different?


  • Maarten Bron, Managing Director, Riscure
  • L. Jean Camp, Professor, Indiana University Bloomington
  • Mark Haney, Laboratory for Telecommunication Sciences, University of Maryland 
  • Rebecca Herold, The Privacy Professor Consultancy
  • Andrew Tierney, IoT Security Consultant, Pen Test Partners

Moderator: Barbara Cuthill, Deputy Program Manager, Cybersecurity for IoT Program (NIST)

1:20 - 1:30 PM ET


1:30 - 2:30 PM ET

Panel 2: What barriers exist to meeting the baseline in  NISTIR 8259A IoT Device Cybersecurity Capability Core Baseline in consumer devices?


  • Mike Bergman, Vice President of Technology and Standards, CTA 
  • Julie Haney, Computer Scientist, Visualization and Usability Group, NIST
  • Michelle Richardson, Director of the Data and Privacy Project, Center for Democracy and Technology
  • David Thaler, Partner Software Architect, Microsoft

Moderator: Mike Fagan, Technical Lead, NIST Cybersecurity for IoT Program

2:30 - 2:45 PM ET


Transition to Breakout Sessions

2:45 - 3:45 PM ET

Breakout Session

Facilitated discussion on what tools and guidance are to build and support more secure consumer IoT devices. 

3:45 - 4:00 PM ET


Transition to Plenary Session 

4:00 - 4:20 PM

Readout from Breakout Session 

Facilitator Panel 

4:20 - 4:30 PM Closing Remarks 


Created September 4, 2020, Updated October 28, 2020