Date Published: September 2018
Comments Due: October 24, 2018 (public comment period is CLOSED)
Email Questions to: firstname.lastname@example.org
Kaitlin Boeckl (NIST), Michael Fagan (NIST), William Fisher (NIST), Naomi Lefkovitz (NIST), Katerina Megas (NIST), Ellen Nadeau (NIST), Ben Piccarreta (NIST), Danna Gabel O'Rourke (Deloitte & Touche), Karen Scarfone (Scarfone Cybersecurity)
The Internet of Things (IoT) is a rapidly evolving and expanding collection of diverse technologies that interact with the physical world. Many organizations are not necessarily aware of the large number of IoT devices they are already using and how IoT devices may affect cybersecurity and privacy risks differently than conventional information technology (IT) devices do.
NIST is seeking public comments on Draft NISTIR 8228, Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks. The purpose of this publication is to help federal agencies and other organizations better understand and manage the cybersecurity and privacy risks associated with their IoT devices throughout their lifecycles. This publication is the introductory document providing the foundation for a planned series of publications on more specific aspects of this topic.
We encourage you to use the Comment Template when submitting your comments.
Keywords cybersecurity risk; Internet of Things (IoT); privacy risk; risk management; risk mitigation