Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

EVENTS

Workshop on Foundational Cybersecurity Activities for IoT Device Manufacturers

workshop

March 5, 2025
9:00am - 4:30pm EST

NCCoE
9700 Great Seneca Highway, Rockville, MD 20850

Registration for in-person attendance closes on February 28, 2025.

You will receive additional arrival instructions via email on February 28th.

Virtual registration will remain open until the event concludes.

Registration Contact

crissy.robinson [at] nist.gov (Crissy Robinson)

Technical Contact

Barbara Bell Cuthill

barbara.cuthill@nist.gov

(301) 975-3273

Large city with lights showing IoT connections with blue background — Credit: Shutterstock

NIST will host a full-day hybrid workshop at the NCCoE to continue discussions related to a major update of NIST IR 8259. The day's activities will feature an overview of NIST's current status in updating NIST IR 8259 with extensive Q-and-A and invited speakers to discuss current cybersecurity and IoT topics relevant to the NIST IR 8259 updates with both in-person and virtual attendees. In-Person participation is encouraged, but the full day workshop will be broadcast virtually to those who cannot attend at the NCCoE.

Overview of Agenda

This workshop focuses on questions around updating Foundational Cybersecurity Activities for IoT Device Technology Manufacturers (NIST IR 8259). The planned updates incorporate a greater emphasis on

Taking a product viewpoint rather than a device-centric approach
Incorporating risk analysis in determining needed cybersecurity capabilities in the product
Greater emphasis on maintenance and end-of-support / end of life considerations
Applicability of IoT guidance to industrial contexts
Cybersecurity considerations around data management needed to support privacy goals

Agenda

8:30 - 9:00 AM	Registration/Check-in
9:00 – 9:15 AM	Welcome (Katerina Megas, NIST)
9:15 – 10:00 AM	Morning Keynote Presentation: Fortifying the Future: Enhancing IoT Security Frameworks Jon Boulos (Kimberly-Clark)
10:00 – 10:45 AM	IR 8259 Rev. 1 Preliminary Update: Overview (Mike Fagan)
10:45 – 11:00 AM	Break
11:00 – 11:55 AM	IR 8259 Rev. 1 Preliminary Update: Session 1 (Mike Fagan) Activities 1 and 2
11:55 AM – 1:00 PM	Lunch Break
1:00 – 1:45 PM	Afternoon Keynote Presentation Leveraging FIDO Alliance cybersecurity standards in support of IR8259 Brad Goodman (FIDO DO Working Group Chair, Distinguished member of the Technical Staff, Edge Computing, Dell)
1:45 – 2:45 PM	IR 8259 Rev. 1 Preliminary Update: Session 2 (Mike Fagan) Activities 3 and 4
2:45 – 3:00 PM	Break
3:00 -3:45 PM	IR 8259 Rev. 1 Preliminary Update: Session 3 (Mike Fagan) Activities 5 and 6
3:45 – 4:00 PM	Closing Remarks (Mike Fagan)

Visitor Access Requirement:

For Non-US Citizens: Please have your valid passport for photo identification.*
For US Permanent Residents: Please have your green card for photo identification.*
For US Citizens: Please have your state-issued driver's license. Regarding Real-ID requirements, all states are in compliance or have an extension through May 2025.*
NIST also accepts other forms of federally issued identification in lieu of a state-issued driver's license, such as a valid passport, passport card, DOD's Common Access Card (CAC), Veterans ID, Federal Agency HSPD-12 IDs, and Military Dependents ID.
*Use of apps, physical photocopies, and/or digital screenshots of your ID, Passport or Green card will not be accepted.

Information technology, Cyber-physical systems, Cybersecurity, Internet of Things (IoT) and Privacy