Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Workshop on Foundational Cybersecurity Activities for IoT Device Manufacturers

Large city with lights showing IoT connections with blue background
Credit: Shutterstock

NIST will host a full-day hybrid workshop at the NCCoE to continue discussions related to a major update of NIST IR 8259. The day's activities will feature an overview of NIST's current status in updating NIST IR 8259 with extensive Q-and-A  and invited speakers to discuss current cybersecurity and IoT topics relevant to the NIST IR 8259 updates with both in-person and virtual attendees. In-Person participation is encouraged, but the full day workshop will be broadcast virtually to those who cannot attend at the NCCoE.

Overview of Agenda

This workshop focuses on questions around updating Foundational Cybersecurity Activities for IoT Device Technology Manufacturers (NIST IR 8259). The planned updates incorporate a greater emphasis on

  • Taking  a product viewpoint rather than a device-centric approach
  • Incorporating risk analysis in determining needed cybersecurity capabilities in the product 
  • Greater emphasis on maintenance and end-of-support / end of life considerations 
  • Applicability of IoT guidance to industrial contexts
  • Cybersecurity considerations around data management needed to support privacy goals

 

Agenda 

  • 8:30 - 9:00 AM Registration/Check-in
  • 9:00 – 9:15 AM Welcome (Katerina Megas)
  • 9:15 – 10:00 AM Morning Keynote Presentation (TBD)
  • 10:00 – 10:55 AM NIST IR 8259 Revision 1 Preliminary Update:  Session 1 (Mike Fagan) 

                   Updates to Activity 1: Identify Expected Customers and Use Cases  and Activity 2:  Research Customer Cybersecurity Needs and Goals 

                    Presentation (15 minutes) 

                    Q&A and Discussion (40 minutes) 

  • 10:55 – 11:00 AM Break
  • 11:00 – 11:55 AM NIST IR 8259 Revision 1 Preliminary Update:  Session 2 (Mike Fagan) 

                     Updates to Activity 3: Determine How to Address Customer Needs and Goals and Activity 4:  Plan for Adequate Support of Customers Needs and Goals

                     Presentation (15 minutes) 

                     Q&A and Discussion (40 minutes) 

  • 11:55 AM – 1:00 PM Lunch Break
  • 1:00 – 1:45 PM Afternoon Keynote Presentation (TBD)
  • 1:45 – 2:45 PM NIST IR 8259 Revision 1 Preliminary Update:  Session 3 (Mike Fagan) 

                  Updates to Activity 5: Define Approaches for Communicating to Customers and Activity 6: Decide What to Communicate to Customers and How to Communicate it 

                   Presentation (15 minutes) 

                  Q&A and Discussion (45 minutes) 

  • 2:45 – 3:00 Break
  • 3:00 -3:15 PM Presentation of Potential Future Updates for Next Draft of NISTIR 8259 Revision 1 (Mike Fagan)
  • 3:15 – 3:45 PM Open Q&A and Discussion
  • 3:45 – 4:00 PM Closing Remarks (Mike Fagan)

Visitor Access Requirement:

  • For Non-US Citizens:  Please have your valid passport for photo identification.*
  • For US Permanent Residents: Please have your green card for photo identification.*
  • For US Citizens: Please have your state-issued driver's license. Regarding Real-ID requirements, all states are in compliance or have an extension through May 2025.*

    NIST also accepts other forms of federally issued identification in lieu of a state-issued driver's license, such as a valid passport, passport card, DOD's Common Access Card (CAC), Veterans ID, Federal Agency HSPD-12 IDs, and Military Dependents ID.

    *Use of apps, physical photocopies, and/or digital screenshots of your ID, Passport or Green card will not be accepted.  

Created January 6, 2025, Updated February 10, 2025