IOT. Internet of things. Automation and modern technology concept
New NIST recommendations offer voluntary activities related to cybersecurity that manufacturers should consider performing before their IoT devices are sold to customers.
The National Institute of Standards and Technology (NIST) has published a second draft of its recommendations for Internet of Things (IoT) device manufacturers.
In it, the federal agency asks a series of questions and assessments to be carried out before commercialization, aimed at “reducing the prevalence and severity of IoT device compromises”.
SEE ALSO: IoT Researchers Propose Lag-Free Networking Solution
The main highlights
include:
- Identify expected customers and define expected use cases for IoT devices: This is the first point made by NIST, and it’s very important. By figuring out what the device will be used for, where it will be used, and what it will be connected to, the manufacturer may be able to identify the weak spots and shore them up before sale.
- Research customer cybersecurity goals: This follows on from the first point, identifying weak spots before the device ships. NIST ask how the device will interact with the physical world, how it will be accessed, who will monitor it, what data will it hold, and what regulations must it follow. California recently enacted a state law for IoT security, we can expect more states and countries will do the same this year.
- Determine how to address customer goals: After figuring out external threats, device manufacturers should look at enhancing on-board security by figuring out device identification, configuration, data protection, logical access restrictions, software and firmware updates.
- Define approaches for communicating with customers: Once a product is on sale, manufacturers need to be able to communicate with customers on any issues. NIST recommends that manufacturers make the information as easy as possible to understand and access.
- Decide what to communicate to customers and how to communicate it: One of the biggest worries buyers have is that their device will lose all functionality once the manufacturer ends support. NIST recommends that the manufacturer be clear with the customer how long it intends to provide support and what functionality the device will have after support ends.
David is a technology writer with several years experience covering all aspects of IoT, from technology to networks to security.
Best Practices for Deploying and Scaling Industrial AIArtificial Intelligence (AI) is transforming industrial operations, helping organizations optimize workflows, reduce downtime, and enhance productivity. Different industry verticals leverage AI in unique ways.Link to The Center for Adaptive Edge Intelligence
The Center for Adaptive Edge IntelligenceAdaptive edge intelligence brings real-time decision-making to the point of data creation, whether from sensors, machines, or cameras.Link to The Value of Vehicle Electrification
The Value of Vehicle ElectrificationElectric vehicles (EVs) present automakers with many design, engineering, and manufactu ring challenges.Link to Accelerating Manufacturing Digital Transformation with Industrial Connectivity and IoT
Accelerating Manufacturing Digital Transformation with Industrial Connectivity and IoTDigital transformation is empowering industrial organizations to deliver sustainable innovation, disruption-proof products and services, and continuous operational improvement.Link to Smart Manufacturing for Automotive
Smart Manufacturing for AutomotiveLeading a transportation revolution in autonomous, electric, shared mobility and connectivity with the next generation of design and development tools.Link to Center for Data Pipeline Automation
Center for Data Pipeline AutomationAs businesses become data-driven and rely more heavily on analytics to operate, getting high-quality, trusted data to the right data user at the right time is essential.Link to Center for Automated Integration
Center for Automated IntegrationThe goal of automated integration is to enable applications and systems that were built separately to easily share data and work together, resulting in new capabilities and efficiencies that cut costs, uncover insights, and much more.Link to Continuous Intelligence: Insights
Continuous Intelligence: InsightsDigital transformation requires continuous intelligence (CI). Today’s digital businesses are leveraging this new category of software which includes real-time analytics and insights from a single, cloud-native platform across multiple use cases to speed decision-making, and drive world-class customer experiences.
