FYI: Public Comment: Two Draft NIST in the IoT Area

  1. To help organizations address the cybersecurity and privacy threats against Internet of Things (IoT) devices, the National Institute of Standards and Technology (NIST) has released draft NIST Internal Report (NISTIR) 8228: Considerations for Managing IoT Cybersecurity and Privacy Risks for public comment. The document – developed in collaboration with a broad range of stakeholder groups – is intended to help federal agencies and other organizations better understand and manage the cybersecurity and privacy risks associated with their IoT devices throughout their lifecycles. The draft also includes recommendations about how to address risk considerations for these devices. Public comment on the draft NISTIR can be emailed to by October 24, 2018. For additional information, see NIST’s recent blog post.
  2. IoT Trust Concerns: NIST Releases Draft NIST Internal Report 8222 for Comment NIST has released Draft NIST Internal Report (NISTIR) 8222, Internet of Things (IoT) Trust Concerns, which identifies seventeen technical trust-related issues that may negatively impact the adoption of IoT products and services. The document offers recommendations for mitigating or reducing the effects of these concerns while also suggesting additional areas of research with regard to the subject of “IoT trust.” This publication is intended for a general information technology audience, including managers, supervisors, technical staff, and those involved in IoT policy decisions, governance, and procurement. Feedback from reviewers is requested on the seventeen technical concerns that are presented, as well as suggestions for other potential technical concerns that may be missing from the document.
  3. public comment period for this draft document is open until November 5, 2018.

    CSRC Update:

    Publication Details:

    1. See all current NIST draft publications at
    2. See upcoming events at