This document discusses the challenges that critical infrastructure organizations face with the increasing adoption of internet of things (IoT) technologies. It notes that while IoT will dramatically increase the amount of data collected, organizations are already struggling to extract useful, timely information from their existing data. The mass expansion of endpoints and legacy systems introduces new vulnerabilities that could overwhelm operators during incidents. Regulatory requirements and outsourcing practices also increase compliance risks. However, new technologies may help address some issues if properly implemented. The document calls utilities to evaluate cybersecurity risks, test defenses, and learn from other sectors' experiences to help secure their operations in an evolving threat landscape.