Energy Dept. releases guide to help maturity model stakeholders understand Pentagon’s CMMC program

The Energy Department has published a guide comparing its voluntary maturity model for developing cybersecurity plans to the Pentagon’s upcoming program for defense contractors who are handling sensitive government data on nonfederal systems.

DOE’s Cybersecurity Capability Maturity Model (C2M2) is focused on “the implementation and management of cybersecurity practices associated with information technology (IT), operations technology (OT), and information assets and the environments in which they operate,” according to the guide published on Monday.

The guide says, “This document...