With the growing adoption of IoT devices, cybersecurity regulations are crucial in mitigating data privacy and security. However, understanding the complex and unstructured nature of legal documents makes it difficult and time-consuming for companies to interact and comply with such regulations. This paper presents a methodology for extracting, structuring and representing legal knowledge from California Senate Bill 327(SB-327). Using natural language processing (NLP), ontology engineering, and deontic logic, we extract legal entities, relationships, and constraints. These are organized into an ontology and converted into a machine-readable knowledge graph, allowing manufacturers and stakeholders to visualize and get clear information about legal requirements easily. The methodology enables us to automate the reasoning about legal obligations, permissions, and prohibitions in a knowledge representation that can be easily visualized, analyzed,and understood by IoT manufactures. The proposed methodology is adaptable to other legal documents and supports scalable compliance monitoring for cybersecurity governance in the IoT.