These Are a Few of Our Favorite IoT: NIST Finalizes Internet of Things Cyber Guidance
Client Alert | 1 min read | 07.02.19
NIST has finalized Internet of Things (IoT) risk management guidance, which derived from a draft publication. The guidance informs government agencies how to understand and manage IoT risks throughout device lifecycles. Industry can anticipate government focus on three high-level goals:
- Device security;
- Data security; and
- Individual privacy.
The publication highlights three differences between managing risks for IoT devices and conventional information technology devices:
- IoT devices interact with the physical world differently than conventional devices;
- IoT devices cannot be accessed and monitored the same as conventional devices; and
- The availability and effectiveness of cybersecurity and privacy capabilities are different for IoT devices than conventional devices.
While not mandatory, the guidance provides useful considerations for IoT cybersecurity and privacy risk management.
Contacts
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 10 min read | 10.15.25
Understanding the EU’s International Procurement Instrument
In June 2025, the European Commission adopted its first-ever measures under the International Procurement Instrument Regulation (IPI), restricting access to the EU public procurement market for medical devices for economic operators and medical devices from the People’s Republic of China. This is the first application of the IPI, a new trade instrument aimed at tackling lack of reciprocity in access to public procurement in third countries.
Client Alert | 4 min read | 10.14.25
Client Alert | 35 min read | 10.13.25
Building Blocks of Design Law: CJEU rules on LEGO Group Modular Design Protection
Client Alert | 3 min read | 10.13.25
