NATF has released new CIP-015 INSM guidance that confirms a risk-based approach for collection points, clarifies scope around ESP boundaries, contains numerous useful reference models, and reinforces practical retention strategies. It aligns closely with our INSM playbook, especially on passive visibility, multicast deduplication, and EACMS/BCSI determinations for INSM platforms.