U.S. CODE
Rulings
AD/CVD
Notices
HTSUS
U.S. Code
Regs
More
Ports
About
Updates
Apps
Larger font
Smaller font
CustomsMobile Pro
beta now open!
Apply for a FREE beta account. Spaces are limited so apply today.
SIGNUP FOR BETA
SEARCH
Toggle Dropdown
Search US Code
Search Leg. Notes
Sort by Rank
Titles Ascending
Titles Descending
10 per page
25 Result/page
50 Result/page
U.S Code last checked for updates: Nov 22, 2024
All Titles
Title 15
Chapter 7
§ 278g-3a. Definitions...
§ 278g-3c. Guidelines on the dis...
§ 278g-3a. Definitions...
§ 278g-3c. Guidelines on the dis...
U.S. Code
Notes
§ 278g–3b.
Security standards and guidelines for agencies on use and management of Internet of Things devices
(a)
National Institute of Standards and Technology development of standards and guidelines for use of Internet of Things devices by agencies
(1)
In general
(2)
Consistency with ongoing efforts
The Director of the Institute shall ensure that the standards and guidelines developed under paragraph (1) are consistent with the efforts of the National Institute of Standards and Technology in effect on
December 4, 2020
—
(A)
regarding—
(i)
examples of possible security vulnerabilities of Internet of Things devices; and
(ii)
considerations for managing the security vulnerabilities of Internet of Things devices; and
(B)
with respect to the following considerations for Internet of Things devices:
(i)
Secure Development.
(ii)
Identity management.
(iii)
Patching.
(iv)
Configuration management.
(3)
Considering relevant standards
(b)
Review of agency information security policies and principles
(1)
Requirement
(2)
Review
In reviewing agency information security policies and principles under paragraph (1) and issuing policies and principles under such paragraph, as may be necessary, the Director of OMB shall—
(A)
consult with the Director of the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security; and
(B)
ensure such policies and principles are consistent with the information security requirements under subchapter II of chapter 35 of title 44.
(3)
National security systems
(c)
Quinquennial review and revision
(1)
Review and revision of NIST standards and guidelines
Not later than 5 years after the date on which the Director of the Institute publishes the standards and guidelines under subsection (a), and not less frequently than once every 5 years thereafter, the Director of the Institute, shall—
(A)
review such standards and guidelines; and
(B)
revise such standards and guidelines as appropriate.
(2)
Updated OMB policies and principles for agencies
(d)
Revision of Federal Acquisition Regulation
(
Pub. L. 116–207, § 4
,
Dec. 4, 2020
,
134 Stat. 1002
.)
cite as:
15 USC 278g-3b
.list_box li,p,.cm-search-info,.cm-search-detail,.abt span,.expand-collapse_top
Get the CustomsMobile app!