NIST is responding to the IoT Cybersecurity Improvement Act of 2020 (P.L. 116-207) by developing standards and guidelines to help federal agencies meet their obligations under the law. Federal agencies are encouraged to participate in NIST’s 22 April workshop, which will focus on the community feedback we’ve received on two of our draft publications, and the path forward for those documents.
In December 2020 NIST published associated draft documents, including:
NIST’s efforts are focused on helping agencies assess the risk associated with their use of IoT devices, and apply the RMF to their individual use cases. Comments on our drafts closed 26 February, but the program is still interested in feedback from federal agencies affected by P.L. 116-207 and looking to apply the guidance in SP 800-213. Please contact iotse...@nist.gov if you have questions, comments, or feedback on our IoT cybersecurity publications.
Jeff Brewer
Management and Program Analyst
Information Technology Lab, Computer Security Division,
National Institute of Standards and Technology