On the Cyber Frontier of IoT Security
Client Alert | 1 min read | 04.11.18
In the Interagency Report on Status of International Cybersecurity Standardization for the Internet of Things (IoT), the National Institute of Standards and Technology (NIST) performed an extensive survey of current cybersecurity standards applicable or potentially applicable to IoT devices. Among the many key findings and discussions, some of the more notable are: (1) NIST elected not to define IoT due to the many varying definitions already in the field (see Annex A); (2) NIST used several functional IoT applications (connected vehicles, consumer devices, health/medical devices, smart buildings and smart manufacturing) to assess current cyber standards and gaps; (3) NIST recognized that no one-size-fits-all standards exist, as specific sectors will have differing risk scenarios and security objectives, thus requiring cyber standards to be tailored; and (4) IoT security should be built around eleven core areas of cybersecurity standardization. Also, NIST is looking for your comments on draft NISTIR 8200 by April 18. To learn more, join us at the IoT National Institute on May 9-10 in Washington, D.C.
Contacts
Insights
Client Alert | 8 min read | 10.01.25
On September 29, 2025, the U.S. Department of Commerce Bureau of Industry and Security (BIS) announced a sweeping Interim Final Rule (IFR), (the “Affiliates Rule”) expanding which entities qualify as Entity List or Military End-User entities, thereby subjecting those entities to elevated export control restrictions under the Export Administration Regulations (EAR). U.S. export restrictions applicable to entities on the Entity List, Military End-User (MEU) List, and Specially Designated Nationals and Blocked Persons (SDN List) now apply to foreign affiliates that are, in the aggregate, owned 50% or more by one or more of the aforementioned entities. An entity that becomes subject to these restrictions because of its ownership structure will be subject to the most restrictive controls that attach to any of its parent entities, regardless of ownership stakes.
Client Alert | 2 min read | 09.30.25
CARB Issues Preliminary List of Entities Covered by California Climate Disclosure Laws
Client Alert | 10 min read | 09.30.25
Client Alert | 7 min read | 09.29.25
White House Seeks Industry Input on Laws and Rules that Hinder AI Development