top of page

NIST Releases Cybersecurity Risk Management Draft for Comment

Updated: Nov 23, 2020

This month, NIST (the National Institute of Standards and Technology) published a draft document entitled Key Practices in Cyber Supply Chain Risk Management: Observations from Industry. This draft document provides cybersecurity strategies for businesses in every sector and is based on 24 case studies (2015-2019), prior NIST research, and various standards and best-practice documents.

Most notably, the document encompasses a formal risk management program with accompanied suggestions tailored to organizations’ unique needs in order to support companies in their endeavors to bolster cyber supply chain security. According to Jon Boyens of NIST, the heart of the problem with cybersecurity lies in the fact that everything in the 21st century is interconnected. Furthermore, supply chain risks serve as one of the biggest links to cyber breaches.

Cybersecurity is a vital element in any company’s risk management program. Since the birth of IoT, companies have had increasing difficulty protecting themselves from hackers and bad actors. Just last year, the US, EU, and Canada all passed legislation in order to strengthen IoT device security. These efforts were introduced due to a rising number of security breaches; from 2018-2019, 50% of organizations experienced a cyberattack on an IoT device.

In 2018, hacking/malware accounted for 47 percent of company breach incidents. When a company depends on technology in order to perform services—especially when those services could save someone’s life—it’s vital that they are protected with a robust cybersecurity risk management program. In 2019, data breaches and ransomware attacks cost the healthcare sector $4 billion. But more importantly, it interfered with patients receiving the care they needed.

Designing a safe product is only one variable in the equation. Designing a program that ensures robust cybersecurity is another. When correctly and thoughtfully addressed, these two variables can, however, result in a durable product.

IoT devices are not only susceptible to cyberattacks; they are also susceptible to EMI. Rhein Tech Laboratories can solve any EMI issues your IoT device may face. Not only is our company fully equipped to help you test and redesign your device, but we also provide first-rate service and schedule flexibility. Call us today with any questions; we’d be glad to help!

Recent Posts

See All

FCC RF Exposure for Wearable Device

Question: Has the FCC issued RF exposure guidance for an on-body device equipped with motion sensors to control its conducted power? Answer: On August 24, 2023 the FCC posted under KDB 447498 the foll

ISED Canada Permissive Changes

Question: How should we proceed with respect to the Canadian certification for our wireless device following changes we’ve made to it? Answer: Without knowing the changes made or any impact on the rad


Commenting has been turned off.
bottom of page