Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology Laboratory /Applied Cybersecurity Division

NIST Cybersecurity for IoT Program

The Cybersecurity for IoT Program’s mission is to cultivate trust in the IoT and foster an environment that enables innovation on a global scale through standards, guidance, and related tools.

IoT Manufacturer Guidance

Read more about NIST's guidance for manufacturers and supporting parties creating IoT devices and products.

Enterprise Guidance

Read more about NIST guidance for Federal Agencies and other enterprises looking to deploy IoT devices in their systems.

Consumer IoT Products

Read more about the NIST's technical contributions that the FCC adopted for the Cyber Trust Mark program.

The Challenge

Fostering cybersecurity in the IoT ecosystem, across industry sectors and at scale

Recent Announcements

On March 5, 2025 NIST will hold a Workshop on Foundational Cybersecurity Activities for IoT Device Manufacturers to continue discussions related to a major update of NIST IR 8259. The day's activities will feature an overview of NIST's current status in updating NIST IR 8259 to discuss current cybersecurity and IoT topics relevant to the NIST IR 8259 updates.
On January 27, 2025, NIST published four translations of Profile of the IoT Core Baseline for Consumer IoT Products (NISTIR 8425)
Perfil del núcleo básico de IoT para productos IoT de consumo (Spanish)
Profil du noyau de base de l'IdO pour les produits IdO grand public (French)
Perfil da linha de base principal de IoT para produtos de IoT para consumidores (Portuguese)
Profil der IoT-Referenzgrundlage für Verbraucher-IoT-Produkte (German)
The IoT Advisory Board Report including all findings and recommendations of the board is now available.
In October, 2024, NIST released a video explanation of the Profile of the IoT Core Baseline for Consumer IoT Products (NISTIR 8425)
On September 10, 2024, NIST Published Recommended Cybersecurity Requirements for Consumer-Grade Router Products (NISTIR 8425A)

About the Program

NIST’s Cybersecurity for the Internet of Things (IoT) program supports the development and application of standards, guidelines, and related tools to improve the cybersecurity of IoT systems, connected products, and the environments in which they are deployed. By collaborating with stakeholders across government, industry, international bodies, academia, and consumers, the program aims to cultivate trust and foster an environment that enables innovation on a global scale.

The IoT Cybersecurity Program charter was established at the end of 2016 with three overarching program goals.

Supports the development and application of standards, guidelines, and related tools to improve the cybersecurity of IoT systems and the environments in which they are deployed.

Collaborate with stakeholders across government, industry, international bodies, and academia.

Cultivate trust and foster an environment that enabe innovation on a global scale.

Mailing List

The Cybersecurity for IoT program uses the GovDelivery to email announcements, join our mailing list to be among the first to receive NIST IoT cybersecurity news and information. Sign up or log in for email updates and select “IoT Cybersecurity” under Information Technology Laboratory (ITL) > Cybersecurity Programs.