NIST disclosed two publications with the aim of providing cybersecurity guidance and suitable practices specific for companies manufacturing IoT devices as a part of cybersecurity for IoT program. This move is made as a portion of NIST’s implementation of the 2017 Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.
These publications provide recommended activities to the manufacturers to improve and secure IoT devices also the baseline level of security requirements for these devices.
NISTIR 8259 helps manufacturers of new IoT devices by recommending activities to address cybersecurity in the product development process. Recommended activities are 6, out of which 4 identifies and implementsrelevant security controls in the pre-market phase and two that concentrates on meeting customers’ cybersecurity needs once the device is on the market.
NISTIR 8259 puts core baseline of security before you, which requires the following:
Cybersecurity state awareness: An IoT device can report on its cybersecurity state to authorized entities only