Date Published: February 2018
Email Questions to:
Michael Hogan (NIST), Ben Piccarreta (NIST)
The Interagency International Cybersecurity Standardization Working Group (IICS WG) was established in December 2015. The purpose of the IICS WG is to coordinate on major issues in international cybersecurity standardization and thereby enhance U.S. federal agency participation in international cybersecurity standardization.
The IICS WG has developed this draft report, NIST Interagency Report (NISTIR) 8200, Status of International Cybersecurity Standardization for Internet of Things (IoT). The intended audience is both the government and the public. The purpose is to inform and enable policymakers, managers, and standards participants as they seek timely development of and use of cybersecurity standards in IoT components, systems, and services.
This draft report:
- provides a functional description for IoT (Section 4);
- describes several IoT applications that are representative examples of IoT (Section 5);
- summarizes the cybersecurity core areas and provides examples of relevant standards (Section 6);
- describes IoT cybersecurity objectives, risks, and threats (Section 7);
- provides an analysis of the standards landscape for IoT cybersecurity (Sections 8 and 9); and
- maps IoT relevant cybersecurity standards to cybersecurity core areas (Appendix D).
This draft report is based upon the information available to the participating agencies. Comments are now being solicited to augment that information, especially on the information about the state of cybersecurity standardization for IoT that is found in Sections 8, 9, 10, and Annex D. Your feedback on this draft publication is important. It will help to shape the final publication so that it best meets the needs of the public and private sectors.
Comments will be posted as they are received, at https://www.nist.gov/itl/comments-draft-nistir-8200.
Keywords cybersecurity; cybersecurity objectives; cybersecurity risks; cybersecurity threats; IT; information technology; IoT; Internet of Things; IoT components; IoT systems; SDO; standards developing organizations; standards; standards gaps