Background - Privacy & Cybersecurity

Privacy & Cybersecurity

CONTACTS +

These Are a Few of Our Favorite IoT: NIST Finalizes Internet of Things Cyber Guidance

Jul.02.2019

NIST has finalized Internet of Things (IoT) risk management guidance, which derived from a draft publication.  The guidance informs government agencies how to understand and manage IoT risks throughout device lifecycles.  Industry can anticipate government focus on three high-level goals:

  1. Device security;
  2. Data security; and
  3. Individual privacy.

The publication highlights three differences between managing risks for IoT devices and conventional information technology devices:

  1. IoT devices interact with the physical world differently than conventional devices;
  2. IoT devices cannot be accessed and monitored the same as conventional devices; and
  3. The availability and effectiveness of cybersecurity and privacy capabilities are different for IoT devices than conventional devices.

While not mandatory, the guidance provides useful considerations for IoT cybersecurity and privacy risk management.

For more information, please contact the professional(s) listed below, or your regular Crowell & Moring contact.

Cheryl A. Falvey
Partner – Washington, D.C.
Phone: +1 202.624.2675
Email: cfalvey@crowell.com
Evan D. Wolff
Partner – Washington, D.C.
Phone: +1 202.624.2615
Email: ewolff@crowell.com
Peter B. Miller, CIPP/G/US/E, CIPM, CIPT
Senior Counsel – Washington, D.C.
Phone: +1 202.624.2506
Email: pmiller@crowell.com
Kate M. Growley, CIPP/G, CIPP/US
Counsel – Washington, D.C.
Phone: +1 202.624.2698
Email: kgrowley@crowell.com
Michael G. Gruden, CIPP/G
Associate – Washington, D.C.
Phone: +1 202.624.2545
Email: mgruden@crowell.com