The National Institute for Standards and Technology (NIST) has recently issued an introductory document addressing the privacy risks involved with IoT. The Draft NISTIR 8228, Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks, aims to increase the awareness of federal agencies and related organizations concerning cybersecurity and privacy risks associated to IoT devices. NISTIR 8228 intends to serve as a baseline publication for risk mitigation for all kinds of IoT devices.

The Draft NISTIR 8228 highlights the risks that IoT devices entail as these devices interact differently with information systems compared to traditional IT devices. The Draft presents three risk mitigation goals for organizations:

Read the Draft NIST IOT Risk Management Document