The Federal Profile promises to be a helpful tool for Federal agency use of IoT devices, and NIST should closely cabin its intended use to that specific context.

[JustinPerkins-CTIA]

Organization Name: CTIA Organization Type: Association that represents the U.S. wireless communications industry and the companies throughout the mobile ecosystem that enable Americans to lead a 21st century connected life. Document (Technical capabilities, Nontechnical capabilities): Both technical and nontechnical capabilities Feedback: NIST should make clear that the Federal Profile is intended for use in the Federal government context and recognize that the tool may not be helpful to non-Federal organizations and scenarios. NIST should provide guidance and tools that can empower the development of additional customized profiles in other sectors and verticals, beyond the Federal government. See attachment for CTIA’s full submission; Section II provides the full rationale for this feedback. Organization: Industry

CTIA Comments re NIST Federal Profile - 08-07-2020.pdf

[kevingbrady]

"Thank you for your comments. They've been reviewed and have been useful to our technical team. You will soon see the updated versions of these catalogs on the new GitHub page: IoT Device Cybersecurity Requirements Catalog."