Safeguarding any network starts with knowing every user and device connected to the infrastructure and the nature of data being accessed. Over just the last few years, the number and types of devices connected to home and work networks have increased substantially. One of the primary reasons behind this increase is the wide adoption of the Internet of Things $($IoT$)$ and the internet accessibility of operational technology $($OT$).$

Not too long ago, personal access to the internet was limited to desktops and laptops. However, now with IoT, practically any device can be connected to the internet. Some examples of this include smart TVs$,$ home appliances, baby monitors, doorbells, and health trackers. There is no question that the adoption of IoT devices has made a substantial enhancement in people's daily lives by providing unprecedented levels of convenience and insights.

Similarly, convergence is happening between traditional information technology $($IT$)$ and OT$.$ According to Gartner Links to an external site., OT is "hardware and software that detects or causes a change, through the direct monitoring and$/$or control of industrial equipment, assets, processes, and events" $($Gartner$,$ n$.$d$.).$

Our world depends on OT and related industrial systems for the reliable and stable delivery of essential services, such as power, water, and transportation. Furthermore, for years, humans manually managed and monitored these critical systems in an air$-$gapped environment with no access to the internet. However, today, ICS are being brought online at an alarming rate to deliver smart analytics, advanced capabilities, and cost savings.

For this assignment, apply what you have learned about the NIST CSF to an IoT or OT example. As covered in the video, NIST has recently published additional control frameworks that focus on risk management and responding to risk in the OT$,$ ICS, and IoT. Review the resources to these additional NIST controls and answer the following:

Choose one of the additional NIST frameworks and provide its overview, including its purpose, target audience, and importance.

Explain how your selected framework is helpful to an organization. How does it support the NIST CSF$\text{'}$s five functions: identify, protect, detect, respond, and recover?

Highlight the main takeaways that you have from reviewing your specific framework.

Resources

Guide to Industrial Control Systems $($ICS$)$ Security $($NIST SP $800-82)$ Links to an external site. by NIST

Industrial Automation and Control Systems Security $($ISA$99)$ Links to an external site. by ISA

Rounding Up Your IoT Security Requirements: Draft NIST Guidance for Federal Agencies Links to an external site. by Katerina Megas