Endpoint Security , Internet of Things Security

NIST IoT Device Security Framework to Get an Update

Revised Framework to Address Emerging IoT Risks and Technologies
NIST IoT Device Security Framework to Get an Update
Image: Shutterstock

The U.S. National Institute of Standards and Technology plans to revise its Internet of Things cybersecurity framework to address evolving risks posed by emerging technologies and use cases, such as AI and immersive technologies.

See Also: SASE: Recognizing the Challenges of Securing a Hybrid Workforce

NIST said in an advisory that it will revise guidance published as NIST IR 8259 to incorporate lessons learned and insights gained since the last revision in 2020 (see: First Federal IoT Security Legislation Becomes Law).

The document has become widely referenced and complemented over the past five years by additional publications, such as federal IoT guidelines and consumer IoT baselines. As IoT applications expand, new challenges have surfaced and prompted the need for revisions, NIST said.

The proposed updates will broaden the focus from individual IoT devices to entire product ecosystems. NIST also plans to integrate risk assessment and threat modeling, address differences between IoT, OT and IT systems, and incorporate insights from its cybersecurity frameworks.

The updates to the framework will also tackle emerging issues such as repairability's relationship to security and the disparity between IT and mechanical components' lifespans in connected products.

The advisory said that IoT cybersecurity has grown more complex with the introduction of AI, immersive technologies and other innovations. The revision seeks to ensure manufacturers can keep pace with these developments while addressing longstanding concerns about device security and support.

The updated framework will serve as a reference for manufacturers and policymakers, helping reduce risks such as device takeovers and data breaches.

NIST is inviting feedback from industry stakeholders, government entities and the public to shape the new guidelines.


About the Author

Prajeet Nair

Prajeet Nair

Assistant Editor, Global News Desk, ISMG

Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.