NIST Keeps IoT Hot with Draft Guidance
Client Alert | 1 min read | 01.22.21
The National Institute of Standards & Technology (NIST) has published three draft addenda to its manufacturer IoT guidance NISTIR 8259, as well as draft guidance for federal agencies, NIST SP 800-213, on integrating IoT devices into their networks. Notably, NIST published the addenda—8259B, 8259C, and 8259D—and 800-213 just days after the enactment of the Internet of Things Cybersecurity Improvement Act of 2020, in which Congress directed NIST to draft and finalize security guidelines for IoT devices procured by the federal government. While neither the 8259 addenda nor 800-213 fall within the Act's purview, they are likely to inform NIST's development of its IoT cybersecurity guidance under the Act. This is particularly true with regard to both 800-213 and addendum 8259D, the latter of which offers a "worked example" of implementing the core 8259 requirements within the specifications of the FISMA process and the NIST SP 800-53 security controls.
Contacts
Insights
Client Alert | 6 min read | 01.06.26
California Privacy Agency Launches Data Broker Strike Force Amid Delete Act Crackdown
The California Privacy Protection Agency (“CPPA”) is intensifying its oversight of data brokers with a new dedicated Data Broker Enforcement Strike Force within its Enforcement Division. The strike force will monitor and investigate data brokers’ compliance with their legal obligations under California’s Delete Act and the California Consumer Privacy Act (“CCPA”).
Client Alert | 4 min read | 01.05.26
Another Court Rules CASA Does Not Limit Universal Relief Available Under the APA
Client Alert | 7 min read | 01.05.26
Consideration of Artificial Intelligence in Arbitration Terms of Reference
Client Alert | 4 min read | 12.31.25
Raising the Bar: New York Expands Consumer Protection Law with FAIR Business Practices Act
