Cybersecurity standardisation for IoT: A NIST draft
The Interagency International Cybersecurity Standardization Working Group (IICS WG) has developed a draft report, the NIST Interagency Report (NISTIR) 8200, Status of International Cybersecurity Standardization for Internet of Things (IoT).
The intended audience for this report is both the government and the public, with its purpose being to inform and enable policymakers, managers, and standards participants as they seek timely development of and use of cybersecurity standards in IoT components, systems, and services.
This draft report:
- provides a functional description for IoT (Section 4);
- describes several IoT applications that are representative examples of IoT (Section 5);
- summarizes the cybersecurity core areas and provides examples of relevant standards (Section 6);
- describes IoT cybersecurity objectives, risks, and threats (Section 7);
- provides an analysis of the standards landscape for IoT cybersecurity (Sections 8 and 9); and
- maps IoT relevant cybersecurity standards to cybersecurity core areas (Appendix D).
This draft report is based upon the information available to the participating agencies. Comments are now being solicited to augment that information, especially on the information about the state of cybersecurity standardization for IoT that is found in Sections 8, 9, 10, and Annex D.
The public and also government sector are invited to give their feedback on this draft publication, as it will help to shape the final publication so that it best meets the needs of the public and private sectors.
Comments will be posted as they are received, at https://www.nist.gov/itl/comments-draft-nistir-8200.