All tagged NIST

NIST Releases Draft IoT Security Baseline

This week, the National Institute of Standards and Technology (NIST) released NISTIR 8259, a draft of the long awaited[1] “Core Cybersecurity Feature Baseline for Securable IoT Devices.”  The publication (the baseline draft) proposes a voluntary, flexible, minimum set of “baseline of cybersecurity features based on common cybersecurity risk management approaches as a starting point for manufacturers.”  (p. 1).  We expect it to shape standards of care and regulatory expectations for manufacturers and sellers of all connected devices. For stakeholders, and others, there are multiple opportunities for engagement.  NIST is holding a workshop on the baseline on August 13.  Comments for the baseline draft are due September 30. 

NIST Launches Effort to Establish IoT Security Baseline; Seeks Stakeholder Feedback

The National Institute of Standards and Technology (NIST), within the Department of Commerce, has launched an effort to identify “a core set of cybersecurity capabilities that could be a baseline for [Internet of Things (IoT)] devices.”  The discussion draft, Considerations for a Core IoT Cybersecurity Capabilities Baseline, is intended to solicit stakeholder feedback and includes NIST’s “initial thoughts about what a core baseline of cybersecurity capabilities that are important for most IoT devices would look like.”

ISPAB Meeting Highlights U.S. Government Information Security Efforts

The Information Security and Privacy Advisory Board (ISPAB or the Board) convened on November 1 for a two-day meeting in Washington, D.C.  The open meeting featured updates on cybersecurity and privacy efforts across the federal government, including at the National Institute of Standards and Technology (NIST), the National Telecommunications and Information Administration (NTIA), and the Department of Homeland Security (DHS).