All tagged NIST

NIST Releases a Preliminary Draft of its Privacy Framework

Slightly shy of a year from kicking off the Privacy Framework effort, the National Institute of Standards and Technology (NIST) has released a preliminary draft of the document, entitled NIST Privacy Framework:  A Tool for Improving Privacy Through Enterprise Risk Management (Draft Framework or Draft).  This Draft comes amidst a continued flurry of privacy activity at both the state and federal levels.  

NIST Releases Draft IoT Security Baseline

This week, the National Institute of Standards and Technology (NIST) released NISTIR 8259, a draft of the long awaited[1] “Core Cybersecurity Feature Baseline for Securable IoT Devices.”  The publication (the baseline draft) proposes a voluntary, flexible, minimum set of “baseline of cybersecurity features based on common cybersecurity risk management approaches as a starting point for manufacturers.”  (p. 1).  We expect it to shape standards of care and regulatory expectations for manufacturers and sellers of all connected devices. For stakeholders, and others, there are multiple opportunities for engagement.  NIST is holding a workshop on the baseline on August 13.  Comments for the baseline draft are due September 30. 

NIST Launches Effort to Establish IoT Security Baseline; Seeks Stakeholder Feedback

The National Institute of Standards and Technology (NIST), within the Department of Commerce, has launched an effort to identify “a core set of cybersecurity capabilities that could be a baseline for [Internet of Things (IoT)] devices.”  The discussion draft, Considerations for a Core IoT Cybersecurity Capabilities Baseline, is intended to solicit stakeholder feedback and includes NIST’s “initial thoughts about what a core baseline of cybersecurity capabilities that are important for most IoT devices would look like.”