| Comment Period Extended! Sharpening the Focus on Product Requirements and Cybersecurity Risks: Updating Foundational Activities for IoT Product Manufacturers The comment period for Draft NIST IR 8259 Rev. 1, Second Draft, Foundational Cybersecurity Activities for IoT Product Manufacturers, has been extended through December 10, 2025. Over the past few months, NIST has been revising and updating Foundational Activities for IoT Product Manufacturers (NIST IR 8259 Revision 1 Initial Public Draft), which describes recommended pre-market and post-market activities for manufacturers to develop products that meet their customers’ cybersecurity needs and expectations. Thank you so much for the thoughtful comments and feedback throughout this process; 400+ participants across industry, consumer organizations, academia, federal agencies, and researchers shared feedback in both the December 2024 and March 2025 workshops—as well as through written comments on the initial public draft. Others came to the virtual Discussion Forum Event in June to discuss updates, share initial ideas for a worked example of NIST IR 8259, and explore topics from an essay on planned updates to NIST SP 800-213/213A. NIST shared two workshop summary reports and distilled the comprehensive changes that expand the focus on IoT products, highlighting product cybersecurity capabilities as central to IoT cybersecurity. What Happens Next? Serving as a culmination of this collaborative effort, our latest resource, NIST IR 8259 Revision 1 Second Public Draft, was recently released… Read More NIST Cybersecurity and Privacy Program Questions and comments can be directed to: IoTSecurity@nist.gov |