NIST to Examine IoT Security at Its Workshop on the Cybersecurity Framework
May 4, 2017
On May 16th and 17th National Institute of Standards and Technology (NIST) will hold a workshop on the Cybersecurity Framework, which will include a panel and discussion on IoT cybersecurity risks and how the Cybersecurity Framework could be used to help organizations mitigate those risks. In addition, the panel will explore existing IoT definitions and taxonomies and their consistency with the Cybersecurity Framework; IoT-specific security threats and constraints, including sector-specific constraints; and integration of IoT-specific threats and constraints into the Cybersecurity Framework. NIST will also seek feedback from attendees on how they might apply the Cybersecurity Framework to enhance protections for both IoT devices and in the broader IoT enterprise and network environments.
IoT security continues to be an important topic, as managing cybersecurity risks will be critical to the successful deployment of new and innovative technologies and the 5G network. CTIA delved into this matter at its Cybersecurity Summit just last week. Moderated by CTIA’s Senior Vice President and CTO Tom Sawanobori, CTIA convened a panel with experts Bret Hartman, VP and CTO of Cisco Security Business Group, and Scott Montgomery, VP and Chief Technical Strategist of McAfee, to discuss approaches and tools for securing the exponentially growing IoT. The panelists emphasized the importance of employing a risk-based approach to IoT security—noting that the level of security required for a “smart” blow dryer will differ from those necessary in an industrial factory setting where worker safety is on the line. By making risk-based decisions, organizations can deploy limited resources to achieve cybersecurity goals in a cost-effective and prioritized manner. A full video of the Cybersecurity Summit and a copy of the newly released CTIA White Paper on Protecting America’s Wireless Networks are available here.
Wiley Rein attorneys Megan Brown and Kat Scott will be attending the NIST Cybersecurity Framework Workshop, including the panel and group discussion on IoT security. Additional information on the workshop, including registration information, is available here.