The National Institute of Standards and Technology (NIST) has released the final guidance on how federal agencies and organizations can develop a risk management framework for protecting internet of things-based devices from cyber threats.
The NIST Special Publication 800-213 establishes cybersecurity requirements for IoT devices and outlines recommendations to help government agencies consider how an IoT device can integrate into a federal information system, NIST said Monday.
The agency also unveiled the final version of the SP 800-213A that includes a catalog of IoT device cybersecurity capabilities that federal agencies can use when establishing requirements for safeguarding internet-connected platforms.
NIST said the revised version of the guidance incorporates feedback it received from the public throughout 2021.
The guidance is pursuant to the IoT Cybersecurity Act of 2020 that requires NIST to provide a framework for the appropriate use and management of IoT devices connected to federal information systems.