Energy Dept. releases voluntary maturity model tool for evaluating cyber posture

The Energy Department has released an update to its Cybersecurity Capability Maturity Model (C2M2), a tool designed to help organizations “evaluate and make improvements to their cybersecurity programs.”

“The C2M2, which was first released in 2012, is designed to help energy sector organizations understand cyber risks to their information technology (IT) and operational technology (OT) systems and measure the maturity of their cybersecurity capabilities,” DOE’s Office of Cybersecurity, Energy Security, and Emergency Response said Wednesday.

CESER said, “The updated model...