Skip to content
Home / Function (NIST CSF 2.0) / PR - Protect / IR - Infrastructure

IoT & SCADA

In SCADA, IoT, and OT (Operational Technology) security, normative documents are vital for protecting industrial and connected systems that control critical infrastructure. Standards such as IEC 62443 (industrial control systems security), ISO/IEC 27019 (energy sector information security), and NIST SP 800-183 (IoT security guidance) provide structured methods for risk assessment, access control, and secure system design. Regulatory bodies like CISA in the U.S., ENISA in the EU, and sector-specific authorities enforce compliance and issue guidelines to safeguard industrial networks and IoT ecosystems. Following these standards ensures that organizations can prevent unauthorized access, mitigate cyber-physical risks, and maintain operational continuity while meeting legal and industry requirements.

NIST IR 8349 Methodology for Characterizing Network Behavior of Internet of Things Devices

NIST Internal Report (IR) 8349, titled “Methodology for Characterizing Network Behavior of Internet of Things Devices,” outlines a comprehensive approach to capturing, documenting, and analyzing the network communication behaviors of… Read More »NIST IR 8349 Methodology for Characterizing Network Behavior of Internet of Things Devices

CIS Controls Internet of Things Companion Guide

The CIS Controls Internet of Things (IoT) Companion Guide provides detailed guidance on how to apply the cybersecurity best practices of the CIS Controls, particularly Version 8.1, to IoT environments.… Read More »CIS Controls Internet of Things Companion Guide

CISA Primary Mitigations to Reduce Cyber Threats to Operational Technology

The CISA “Primary Mitigations to Reduce Cyber Threats to Operational Technology” fact sheet outlines five core strategies for critical infrastructure operators to strengthen the cybersecurity of their operational technology (OT)… Read More »CISA Primary Mitigations to Reduce Cyber Threats to Operational Technology