Date Published: June 2019
Planning Note (03/30/2021):
NISTIR 8228 is now available in Portuguese and Spanish translations.
Author(s)
Kaitlin Boeckl (NIST), Michael Fagan (NIST), William Fisher (NIST), Naomi Lefkovitz (NIST), Katerina Megas (NIST), Ellen Nadeau (NIST), Ben Piccarreta (NIST), Danna Gabel O'Rourke (Deloitte & Touche), Karen Scarfone (Scarfone Cybersecurity)
The Internet of Things (IoT) is a rapidly evolving and expanding collection of diverse technologies that interact with the physical world. Many organizations are not necessarily aware of the large number of IoT devices they are already using and how IoT devices may affect cybersecurity and privacy risks differently than conventional information technology (IT) devices do. The purpose of this publication is to help federal agencies and other organizations better understand and manage the cybersecurity and privacy risks associated with their individual IoT devices throughout the devices’ lifecycles. This publication is the introductory document providing the foundation for a planned series of publications on more specific aspects of this topic.
The Internet of Things (IoT) is a rapidly evolving and expanding collection of diverse technologies that interact with the physical world. Many organizations are not necessarily aware of the large number of IoT devices they are already using and how IoT devices may affect cybersecurity and privacy...
See full abstract
The Internet of Things (IoT) is a rapidly evolving and expanding collection of diverse technologies that interact with the physical world. Many organizations are not necessarily aware of the large number of IoT devices they are already using and how IoT devices may affect cybersecurity and privacy risks differently than conventional information technology (IT) devices do. The purpose of this publication is to help federal agencies and other organizations better understand and manage the cybersecurity and privacy risks associated with their individual IoT devices throughout the devices’ lifecycles. This publication is the introductory document providing the foundation for a planned series of publications on more specific aspects of this topic.
Hide full abstract
Keywords
cybersecurity risk; Internet of Things (IoT); privacy risk; risk management; risk mitigation
Control Families
None selected
