NIST Seeks Input on IoT Cybersecurity Standards

On February 14, 2018, the National Institute of Standards and Technology (NIST) Interagency International Cybersecurity Standardization Working Group (IICS WG) released a major draft Report laying out its view of the IoT landscape and attempting to capture domestic and international efforts to create standards.  The IICS WG—which coordinates on major issues in international cybersecurity standardization—established an IoT Task Group to develop the Report on the status of international cybersecurity standards relevant to IoT.

The draft Report, titled the “Interagency Report on Status of International Cybersecurity Standardization for the Internet of Things (IoT)” and numbered as NISTIR 8200, is intended for both the government and public.  It describes cybersecurity core areas and provides examples of relevant standards.  It also analyzes IoT cybersecurity objectives, risks, and threats for IoT applications in general and for IoT technology application areas.  The Report’s conclusions focus on standards gaps and the effective use of existing standards, ultimately recommending that agencies work with industry to initiate new standards projects in Standards Developing Organizations (SDOs) to close those gaps.

As the U.S. government tackles technology and IoT policy, NIST’s views are poised to shape expectations and inform global approaches.  Innovators, service providers, and enterprise users of IoT should review the draft Report and considering providing input. 

Comments are due April 18, 2018.