The National Institute of Standards and Technology (NIST) announced it has released four new publications to offer recommendations to federal agencies and manufacturers concerning cybersecurity for IoT devices.

The publications address challenges of the new IoT Cybersecurity Improvement Act of 2020, providing guidance that law mandates.

Per the organization, the four documents — NIST Special Publication (SP) 800-213 and NIST Interagency Reports (NISTIRs) 8259B, 8259C and 8259D — form a unit intended to help ensure the government and IoT device designers are on the same page with regard to cybersecurity for IoT devices used by federal agencies. 

While NIST guidelines are not regulatory, the organization is responsible for creating information security standards and guidelines.

Information about the publications, per a company press release:

• SP 800-213 - Provides overall guidance for federal agencies, extending NIST’s risk-based cybersecurity approach to include integration of IoT devices into federal information systems and infrastructure.
• NISTIR 8259 series - provides guidance that IoT device manufacturers can use to help organizations implement SP 800-213’s guidance.

1. NISTIR 8259 and NISTIR 8259A, were released previously, bringing the current total in the series to five.

• NISTIR 8259B - Complements 8259A with guidance on nontechnical processes manufacturers should implement that support cybersecurity, such as documenting updates and informing customers of how to implement them.
• NISTIR 8259D - Begins to get more particular, helping manufacturers consider the needs of a specific market sector — in this case, the U.S. federal government.
•  NISTIR 8259C - Describes the process NIST followed to develop 8259D, so that manufacturers in other markets can use that same process if they desire to do so. 

For more information, visit https://www.nist.gov/.