Late last year, the National Institute of Standards and Technology (“NIST”) released  Special Publication 800-160 (the “Guidance”) on implementing security in Internet-of-Things (“IoT”) devices.  The Guidance was released following several highly-publicized distributed denial-of-service (“DDoS”) attacks in 2016 and is intended to provide a framework for software engineers to better address security issues and to develop more defensible and survivable systems in a sustainable manner throughout the life cycle of these devices.