NIST has posted an initial public draft of NIST Internal Report (IR) 8425A, Recommended Cybersecurity Requirements for Consumer-Grade Router Products. This report presents the consumer-grade router profile, which includes cybersecurity outcomes for consumer-grade router products and associated requirements from router standards. Routers serve as the gatekeepers of our networks, managing the flow of data between devices in the home or office and the internet. A compromised router opens the door to a host of potential exploited vulnerabilities and impacts, making router cybersecurity is of paramount importance in today's interconnected world.
Recommended Cybersecurity Requirements for Consumer-Grade Router Products includes the following topics:
- How product components around consumer-grade router devices can vary and be assembled into consumer-grade router products
- Cybersecurity considerations for consumer-grade routers
- Standards and guidance related to cybersecurity outcomes for consumer-grade routers
- Consideration of cybersecurity approaches for consumer-grade router products not documented in current standards and guidance
A public comment review period is open through May 17, 2024. See the publication details for a copy of the draft and instructions for submitting comments.
