Department of Energy releases updated Cybersecurity Capability Maturity Model
The U.S. Department of Energy (DOE) released Version 2.0 (V2.0) of the Cybersecurity Capability Maturity Model (C2M2), a tool designed to help companies of all types and sizes evaluate and improve their cybersecurity capabilities. The C2M2 updates address the evolving cyber threat and technology landscape. The release of C2M2 V2.0 advances the Administration’s 100-day plan to confront cyber threats from adversaries who seek to compromise critical systems that are essential to U.S. national and economic security.
In April 2021, as part of the Biden Administration's effort to safeguard U.S. critical infrastructure, the DOE launched a 100-day coordinated initiative to enhance the cybersecurity of electric utilities’ industrial control systems (ICS). “The Biden Administration is committed to securing our nation’s critical energy infrastructure from increasingly persistent and sophisticated cyber threats and attacks,” said Puesh Kumar, Acting Principal Deputy Assistant Secretary for DOE’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER). “Through the release of C2M2 Version 2.0 and other activities under the 100-day ICS Cyber Initiative, we are taking deliberate action to protect against cyber threats and attacks.”