Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Workshop Summary Report for "Building on the NIST Foundations: Next Steps in IoT Cybersecurity"



Katerina N. Megas, Michael Fagan, Barbara Bell Cuthill, Brad Hoehn, David Lemire, Rebecca Herold


This report summarizes the feedback received on the work of the NIST Cybersecurity for the Internet of Things (IoT) program on IoT product cybersecurity criteria at a virtual workshop in June 2022. The purpose of this workshop was to obtain feedback on specific considerations— and techniques for addressing those considerations—around cybersecurity in IoT products. These considerations have broad applicability across IoT product sectors, including the consumer IoT products sector and the industrial IoT sector. For consumer IoT, these considerations arose in moving the criteria presented in Recommended Criteria for Cybersecurity Labeling for Consumer Internet of Things (IoT) Products into draft NIST IR 8425, Profile of the IoT Core Baseline for Consumer IoT Products, along with a discussion paper on the complexity of risk identification for IoT published before the workshop.
NIST Interagency/Internal Report (NISTIR) - 8431
Report Number


Consumer IoT, Industrial IoT (IIoT), consumer profile, cybersecurity, Internet of Things (IoT), IoT products, privacy, Risk Management Framework, securable products, security requirements.


Megas, K. , Fagan, M. , Cuthill, B. , Hoehn, B. , Lemire, D. and Herold, R. (2022), Workshop Summary Report for "Building on the NIST Foundations: Next Steps in IoT Cybersecurity", NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online],, (Accessed June 24, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created September 20, 2022, Updated November 29, 2022