Due to the complexities involved in managing the security of IoT devices, as well as the high-value nature of many of the assets connected as part of some IoT solutions, standardization of best practices has proliferated. This effort involves both public and private bodies, and currently is largely voluntary. However, without sufficient industry-led management of IoT security, it is likely that regulation of the technology will become onerous.
The literature on IoT-related standards is complex and frequently industry-specific. However, there are many commonalities between different recommendations. A unified network security management approach like the Xaptum ENF is intended to satisfy such best practices.
This document is intended to provide some useful pointers into the vast body of standards. It is, of course, non-exhaustive.
These public (FERC) and private (NERC) entities provide standards/regulations for the energy industry. The guidelines are also useful in other critical infrastructure industries.