IoT Device Cybersecurity Capability Core Baseline

Michael J. Fagan; Katerina N. Megas; Karen  Scarfone; Matthew  Smith

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

PUBLICATIONS

IoT Device Cybersecurity Capability Core Baseline

Published

May 29, 2020

Author(s)

Michael J. Fagan, Katerina N. Megas, Karen Scarfone, Matthew Smith

Abstract

Device cybersecurity capabilities are cybersecurity features or functions that computing devices provide through their own technical means (i.e., device hardware and software). This publication defines an Internet of Things (IoT) device cybersecurity capability core baseline, which is a set of device capabilities generally needed to support common cybersecurity controls that protect an organizations devices as well as device data, systems, and ecosystems. The purpose of this publication is to provide organizations a starting point to use in identifying the device cybersecurity capabilities for new IoT devices they will manufacture, integrate, or acquire. This publication can be used in conjunction with NISTIR 8259, Foundational Cybersecurity Activities for IoT Device Manufacturers.

Citation

NIST Interagency/Internal Report (NISTIR) - 8259A

Report Number

8259A

NIST Pub Series

NIST Interagency/Internal Report (NISTIR)

Pub Type

NIST Pubs

Download Paper

DOI Link

Keywords

cybersecurity baseline, Internet of Things (IoT), securable computing devices

Internet of Things (IoT) and Cybersecurity

Created May 29, 2020