NIST is asking for public feedback on its updated IoT security guidelines. The revised document, SP 800-213 Revision 1, aims to help federal agencies securely integrate IoT products into their networks.
The update reflects how much has changed in five years. The original guidance focused mainly on IoT devices. The new version broadens the scope to IoT products, which includes components, firmware, and cloud services that make up the full stack.
Key point from NIST: not every capability in their catalog applies to every product. The goal is flexibility — letting organizations pick what actually makes sense for their use case rather than ticking every box.
The public comment period runs through August 24th. If you build or deploy IoT products for government use, now’s your chance to weigh in. The draft is available as a PDF on NIST’s website.
