NIST has been engaged for several years in developing guidance for Internet of Things (IoT) cybersecurity. We’ve held workshops, talked with stakeholders, published drafts, listened to your feedback, refined the content and presentation of our draft guidance, and now are proud to present the updated SP 800-213 and the updated catalog of capabilities in SP 800-213A. But always remember: The goal is to manage your risk … The IoT Cybersecurity Act of 2020 stated requirements for NIST to provide guidance for federal agencies on “the appropriate use and management by agencies of [IoT] devices”