Industrial Internet Consortium Updates IoT Security Maturity Model

Share Article

Enhanced guidance for setting and meeting IoT security objectives

The Industrial Internet Consortium® (IIC) announced updates to its IoT Security Maturity Model (SMM) Practitioner’s Guide and associated Description and Intended Use white paper. The Security Maturity Model defines levels of security maturity for a company based on its security goals and objectives as well as its appetite for risk. This enables decision makers to appropriately invest to meet their specific security requirements.

The white paper is an introduction to Security Maturity Model concepts and the Practitioner’s Guide provides detailed, actionable guidance IoT stakeholders can use to assess and manage the security maturity of their IoT systems.

“The Security Maturity Model gives organizations an informed understanding of the security practices and mechanisms applicable to their industry and scope of their IoT solution,” said Frederick Hirsch, SMM Co-Author and Chair of the IIC Trustworthiness Task Group. “We’ve improved the clarity and usefulness of the Practitioner’s Guide by adding new guidance to the numerous practice tables, clarifying scoring and the case studies, and more – without changing the underlying model. The improvements are based on experience and feedback, including from training sessions. We’ve updated the white paper correspondingly.”

Version 1.2 of the white paper and guide are aligned with the IoT SMM: Retail Profile for Point-of-Sale Devices (also announced today), targeted specifically for the retail industry. The IIC is collaborating with industry groups to develop additional industry profiles (beyond the retail profile) to extend the model further.

The IIC IoT SMM Practitioner’s Guide v1.2, Description and Intended Use White Paper v1.2 and a list of authors who contributed to them can be found on the IIC website here.

About Industrial Internet Consortium
The Industrial Internet Consortium is the world’s leading organization delivering transformative business value to organizations, industry, and society by accelerating adoption of a trustworthy internet of things. The Industrial Internet Consortium is a program of the Object Management Group (OMG). For more information visit

Note to editors: The Industrial Internet Consortium is a registered trademarks of the Object Management Group. For a listing of all OMG trademarks, visit All other trademarks or registered trademarks are the property of their respective owners.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Karen Quatromoni
Visit website