Some cybersecurity best practices and guidance for Internet of Things (IoT) device manufacturers are now available from NIST’s Cybersecurity for IoT Program:
- NISTIR 8259A, IoT Device Cybersecurity Capability Core Baseline, identifies a core baseline of IoT device cybersecurity capabilities for manufacturers — i.e. device capabilities generally needed to support common cybersecurity controls.
- NISTIR 8259, Foundational Cybersecurity Activities for IoT Device Manufacturers, provides specific recommended activities to help manufacturers address customer needs for IoT cybersecurity in their product development processes.
More information
NISTIR 8259 details
https://csrc.nist.gov/publications/detail/nistir/8259/final
NISTIR 8259A details
https://csrc.nist.gov/publications/detail/nistir/8259a/final
NIST Cybersecurity Insights blog: “More than just a milestone in the Botnet Roadmap towards more securable IoT devices”
https://www.nist.gov/blogs/cybersecurity-insights/more-just-milestone-botnet-roadmap-towards-more-securable-iot-devices
NIST’s Cybersecurity for IoT Program:
https://www.nist.gov/programs-projects/nist-cybersecurity-iot-program
