Security maturity model
The various connected assets in an organization do not require the same level of security measures. For example, security measures for critical infrastructure and those for a handheld mobile device need not be of the same degree. Every organization needs to balance what is ideally desirable with what's practical and actionable in terms of resources. To guide you in the process, the IIC has defined the IoT Security Maturity Model (IIC-SMM), a conceptual framework to organize various considerations to determine the maturity level of a given system.
The security maturity model can be used to identify the comprehensiveness and alignment necessary for different maturity levels appropriate for a specific industry. The framework can also be applied in the context of a specific organization, or a production environment, or at a specific system level to define what the current state of security is and the security target state. The following is an excerpt from IIC's "IoT Security...