NIST calls for public feedback for the federal profile of IoT devices cybersecurity capabilities
The US National Institute of Standards and Technology (NIST) is developing a federal profile of IoT devices cybersecurity capability core as established in NISTIR 8259A. The Federal Profile is a catalog of IoT devices cybersecurity capabilities, supporting non-technical manufacturer capabilities and related IoT device customer controls designed to protect an organisation’s devices, data, systems, and ecosystems. The Profile can help manufacturers and agencies understand how an IoT device can support security. The Profile will enable federal agencies to securely incorporate IoT devices into their systems and meet their security requirements for federal information and systems. As for manufacturers, the profile can assist them in engineering the technical capabilities and in providing non-technical capabilities to IoT device customers as well as federal agencies. The consumers can then use those capabilities to ensure their systems meet an established level of management, operational, and technical security control requirements. NIST calls for the public to send their feedback via the Federal Profile of 8259A on GitHub or e-mailing IoTsecurity@nist.gov.