Fagan, M.
, Megas, K.
, Scarfone, K.
and Smith, M.
(2020),
IoT Device Cybersecurity Capability Core Baseline, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.8259A
(Accessed October 22, 2025)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
IoT Device Cybersecurity Capability Core Baseline
Published
Author(s)
, , Karen Scarfone, Matthew Smith
Abstract
Device cybersecurity capabilities are cybersecurity features or functions that computing devices provide through their own technical means (i.e., device hardware and software). This publication defines an Internet of Things (IoT) device cybersecurity capability core baseline, which is a set of device capabilities generally needed to support common cybersecurity controls that protect an organizations devices as well as device data, systems, and ecosystems. The purpose of this publication is to provide organizations a starting point to use in identifying the device cybersecurity capabilities for new IoT devices they will manufacture, integrate, or acquire. This publication can be used in conjunction with NISTIR 8259, Foundational Cybersecurity Activities for IoT Device Manufacturers.Citation
NIST Interagency/Internal Report (NISTIR) - 8259A
Report Number
8259A
NIST Pub Series
Pub Type
NIST Pubs
Download Paper
Keywords
cybersecurity baseline, Internet of Things (IoT), securable computing devices
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact [email protected].
Created May 29, 2020