Search for: All records

Rapid expansion in the manufacture and use of Internet of Things (IoT) devices has introduced significant challenges in ensuring compliance with cybersecurity standards. To protect user data and privacy, all organizations providing IoT devices must adhere to complex guidelines such as the National Institute of Standards and Technology Inter agency Report (NIST IR) 8259, which defines essential cybersecurity guidelines for IoT manufacturers. However, interpreting and applying these rules from these guidelines and the privacy policies remains a significant challenge for companies. Thus, this project presents a novel approach to extract knowledge from NIST 8259 for creating semantically rich ontology mappings. Our ontology captures key compliance rules, which are stored in a knowledge graph (KG) that allows organizations to crosscheck and update privacy policy documents with ease. The KG also enables real-time querying using SPARQL and offers a transparent view of regulatory adherence for IoT manufacturers and users. By automating the process of verifying cybersecurity compliance, the framework ensures that companies remain aligned with NIST standards, eliminating manual checks and reducing the risk of non-compliance. We also demonstrate that compared to the baseline Large Language Models (LLMs), our proposed framework has more compliance accuracy, and is more efficient and scalable.