NIST publishes preliminary IoT cybersecurity practice guide

The National Institute of Standards and Technology (NIST) and its National Cybersecurity Center of Excellence (NCCoE) published draft guidelines titled ‘Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)’ for public consultation. The guide is intended for IoT device and gateway manufacturers, communications service providers, and users of IoT devices. The guide focuses, among others, on the role MUD can play in achieving network security. The MUD architecture was introduced last month by the Internet Engineering Task Force (IETF) and is designed to make sure IoT devices conduct themselves only as intended by their manufacturers. The deadline for public comments is June 24.