The National Institute of Standards and Technology's Computer Security Resource Center released a publication on internet of things risk management. The document, entitled "Considerations for Managing IoT Cybersecurity and Privacy Risks," is intended to help federal employees understand and handle IoT risks affecting privacy and cybersecurity across a device's life cycle, the agency said.
NIST calls for federal agencies to consider the protection of device security, data security and privacy as high-level risk mitigation goals. The standardization agency recommends cybersecurity personnel to assess and understand IoT device risk challenges, tailor policies to address issues and implement mitigation practices across IoT devices.
The full report can be accessed here.