These Are a Few of Our Favorite IoT: NIST Finalizes Internet of Things Cyber Guidance
Client Alert | 1 min read | 07.02.19
NIST has finalized Internet of Things (IoT) risk management guidance, which derived from a draft publication. The guidance informs government agencies how to understand and manage IoT risks throughout device lifecycles. Industry can anticipate government focus on three high-level goals:
- Device security;
- Data security; and
- Individual privacy.
The publication highlights three differences between managing risks for IoT devices and conventional information technology devices:
- IoT devices interact with the physical world differently than conventional devices;
- IoT devices cannot be accessed and monitored the same as conventional devices; and
- The availability and effectiveness of cybersecurity and privacy capabilities are different for IoT devices than conventional devices.
While not mandatory, the guidance provides useful considerations for IoT cybersecurity and privacy risk management.
Insights
Client Alert | 6 min read | 04.18.25
On April 11, 2025, the U.S. Department of Justice (DOJ) issued guidance regarding the implementation and enforcement of the newly enacted final rule, “Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons,” now referred to as the Data Security Program (DSP). The release included an Implementation and Enforcement Policy, a Compliance Guide, and Frequently Asked Questions (FAQs). Collectively, these documents are designed to help entities subject to the DSP understand and comply with the obligations set out under the Final Rule.
Client Alert | 2 min read | 04.18.25
Client Alert | 2 min read | 04.17.25
Client Alert | 5 min read | 04.15.25
Is Section 230 Going to Change? The FTC, DOJ and FCC Signal Significant Change for Online Businesses
