On the Cyber Frontier of IoT Security

Client Alert | 1 min read | 04.11.18

In the Interagency Report on Status of International Cybersecurity Standardization for the Internet of Things (IoT), the National Institute of Standards and Technology (NIST) performed an extensive survey of current cybersecurity standards applicable or potentially applicable to IoT devices. Among the many key findings and discussions, some of the more notable are: (1) NIST elected not to define IoT due to the many varying definitions already in the field (see Annex A); (2) NIST used several functional IoT applications (connected vehicles, consumer devices, health/medical devices, smart buildings and smart manufacturing) to assess current cyber standards and gaps; (3) NIST recognized that no one-size-fits-all standards exist, as specific sectors will have differing risk scenarios and security objectives, thus requiring cyber standards to be tailored; and (4) IoT security should be built around eleven core areas of cybersecurity standardization. Also, NIST is looking for your comments on draft NISTIR 8200 by April 18. To learn more, join us at the IoT National Institute on May 9-10 in Washington, D.C.

Contacts

Cheryl A. Falvey
Partner
- Washington, D.C.
  - D | +1.202.624.2675
Y2ZhbHZleUBjcm93ZWxsLmNvbQ==

Insights

Client Alert | 3 min read | 06.12.26

DOJ Guidance Backs Away From Disparate Impact Liability

On June 9, 2026, the U.S. Department of Justice (DOJ) issued a formal opinion concluding that the Equal Opportunity Employment Commission’s (EEOC) existing interpretations of Title VII of the Civil Rights Act of 1964 (Title VII) disparate-impact liability, including the Uniform Guidelines on Employee Selection Procedures (UGESP), are unconstitutional. According to the opinion, EEOC’s prior interpretations contemplate liability based on disproportionately adverse effects alone, without regard to an employer’s likely intent, rather than treating disparate impact as an evidentiary mechanism to “smoke out” intentional discrimination. DOJ found that this approach functions as a “qualified racial-proportionality mandate” that places “a racial thumb on the scales, often requiring employers to evaluate the racial outcomes of their policies, and to make decisions based on (because of) those racial outcomes.” The opinion fulfills one mandate of Executive Order 14281, which rejected disparate-impact liability insofar as it “creates a near insurmountable presumption that unlawful discrimination exists wherever there are any differences in outcomes among different [demographic groups].”...

Client Alert | 4 min read | 06.12.26
Auto Dealers: The FTC Is Back in the Driver’s Seat — Warning Letters Signal Renewed Federal Scrutiny
Client Alert | 13 min read | 06.12.26
EU Cyber Resilience Act Countdown: 11 September 2026 Incident/Vulnerability Reporting Deadline Less Than 100 Days Away
Client Alert | 4 min read | 06.12.26
National Security Memorandum Aims to Accelerate Deployment of AI and Streamline Procurement Aligned to Administration Policies

View All Insights