NIST released guidelines on cybersecurity for internet-connected devices

The National Institute of Standards and Technology, NIST, just released guidelines on cybersecurity for internet-connected devices. These guidelines are called Systems Security Engineering: Considerations for A Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. The Guidance “addresses the engineering-driven perspective and actions necessary to develop more defensible and survivable systems.”

One of the main topics is the fact that the guidelines imply the importance of engineering Internet-connected devices in a way that security systems are directly built into the design and manufacturing processes. Furthermore, the guidelines describe the whole engineering process in order to improve cybersecurity, and reduce risk by implementing “trustworthy secure systems capable of protecting stakeholder assets.”

On top of this the guidelines state that the “objective is to address security issues from a stakeholder protection needs, concerns, and requirements perspective and to use established engineering processes to ensure that such needs, concerns, and requirements are addressed with appropriate fidelity and rigor, early and in a sustainable manner throughout the life cycle of the system.”