NIST has finalized Internet of Things (IoT) risk management guidance, which derived from a draft publication.  The guidance informs government agencies how to understand and manage IoT risks throughout device lifecycles.  Industry can anticipate government focus on three high-level goals:

  1. Device security;
  2. Data security; and
  3. Individual privacy.

The publication highlights three differences between

© Getty Images

Fuzzy talking toys are no longer the annoying, yet benign Christmas gifts they used to be. Many of today’s toys, like refrigerators, cars, and televisions, are “smart,” and may come gift-wrapped with all of the emerging cybersecurity risks the internet has to offer. And as various government agencies grapple with the regulation and enforcement of smart products, the Federal Trade Commission (“FTC”) may be narrowing in on smart toy manufacturers as a potential target. The FBI and FTC issued separate alerts last week highlighting potential threats posed by cuddly friends that collect children’s voices and other identifying information and putting manufacturers on notice of potential enforcement actions for failure to comply with the Children’s Online Privacy Protection Act (“COPPA”), respectively.


Continue Reading