NIST Updating Cyber Guidance as Agencies Continue to Adopt Internet of Things (IoT)

Sep 28, 2018

The National Institute of Standards and Technology (NIST) wants to make sure agencies understand the added challenges of cybersecurity for internet of things (IoT). That’s why it’s producing a new guidance document on the subject. The draft opened for public comments on September 24 and will remain open until October 24.

“The real unique thing about IoT is that it’s not just sensing data, of course,” says James St. Pierre, deputy director of the IT Laboratory at NIST. “It can also actuate. It can have changes in the kinetic and physical world. That brings a whole new risk profile with it.”

He said that the new document is also the first in a series that will begin to consider cybersecurity and privacy together. He said it will also consider IoT-specific guidance, like the use of Manufacturer’s User Descriptions, or MUDs.