As reported by Security Week, the National Institute of Standards and Technology (NIST) is seeking public feedback on updated guidelines for Internet of Things (IoT) product cybersecurity. The updated guidance, SP 800-213 Revision 1, aims to reflect current security needs and establish cybersecurity requirements for IoT products within risk assessments.The initial public draft of the updated guidelines, titled "IoT Product Cybersecurity Guidelines for the Federal Government: Establishing IoT Product Cybersecurity Requirements," is available for comment until August 24. NIST emphasizes that as organizations increasingly rely on IoT products, these must be considered integral system elements within the risk management process. The revision builds upon previous guidance by focusing on IoT products rather than devices to clarify their role and ensure all components are considered.This update addresses the evolution of the technical, operational, and risk landscape over the past five years. NIST is soliciting feedback on the changes, clarity of terms, and alignment with intended outcomes. Organizations are also encouraged to reference related NIST publications on risk assessment, such as SP 800-30 Revision 1 and SP 800-53 Rev. 5, when integrating IoT products.Source: Security Week
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds