The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.
The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
Description
NIST’s Cybersecurity for the Internet of Things (IoT) program supports the development and application of standards, guidelines, and related tools to improve the cybersecurity of connected devices and the environments in which they are deployed. By collaborating with stakeholders across government, industry, international bodies, and academia, the program aims to cultivate trust and foster an environment that enables innovation on a global scale.
Announcements
-
The Final Public Draft of NIST SP 800-53 Revision 5: Security and Privacy Controls for Information Systems and Organizations was released on March 16. NIST SP 800-53 presents a proactive and systemic approach to developing comprehensive safeguarding measures for all types of computing platforms, including general purpose computing systems, cyber-physical systems, cloud and mobile systems, industrial/process control systems, and Internet of Things (IoT) devices. NIST seeks comment on this draft through May 15, 2020.
-
Published! NISTIR 8259 (DRAFT) Core Cybersecurity Feature Baseline for Securable IoT Devices: A Starting Point for IoT Device Manufacturers [Document] [Background Information]
- Published! NISTIR 8228: Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks now available. NISTIR 8228
- News Article: NIST Releases Draft Security Feature Recommendations for IoT Devices
- News Article: Before Connecting an IoT Device, Check Out a New NIST Report for Cybersecurity Advice
- News article: Growing the Internet of Things Into a Safe and Responsible Member of Your Household
Events
Upcoming Events
No upcoming events.
Recent Past Events
Workshop on Core IOT Cybersecurity Baseline
August 13, 2019 | Replay Webcast and View Presentations
This Workshop will gather feedback on NIST’s approach to the IoT Cybersecurity Baseline as well as discuss current status and future directions of this work.
Event Archives
Video
Cybersecurity Consideration in IoT
The rapid proliferation of internet-connected devices and rise of the IoT come with great anticipation. These newly connected devices bring the promise of enhanced business efficiencies and increased customer satisfaction.
IoT devices could include wearable fitness trackers, “smart” televisions, wireless infusion pumps, and cars—among many others. Internet-connected devices generally sense, collect, process, and transmit a wide array of data, ranging from consumer personally identifiable information to proprietary company data to infrastructure data used to make critical real-time decisions or to effect a change in the physical world.
Just as there are a variety of new uses, the IoT ecosystem’s nature brings new security considerations. These considerations include—but are not limited to—constrained power and processing; the ability to manage, update, and patch devices at scale; and a diverse set of new applications across consumer and industrial sectors.
Cybersecurity for IoT Program
The Challenge
Fostering cybersecurity for devices and data in the IoT ecosystem, across industry sectors and at scale
Program Mission
Cultivate trust in the IoT and foster an environment that enables innovation on a global scale through standards, guidance, and related tools
Cybersecurity Considerations in IoT
Technical Factors
Market Factors
IoT Cybersecurity-Related Initiatives at NIST
The Cybersecurity for IoT program supports and builds off existing initiatives at NIST.
Partnership Opportunities
NIST wants to hear from you! The Cybersecurity for IoT program is looking for feedback and potential collaborators.