The U.S. Department of Energy's Office of Cybersecurity, Energy Security and Emergency Response (CESER) has updated the Cybersecurity Capability Maturity Model (C2M2) based on real-world testing and user input.
The model serves as a form of self-assessment for energy organizations looking to improve their cybersecurity posture, according to a CESER statement. In the year since version 2.0 was released, there have been many shifts in the cyber threat landscape. In C2M2 version 2.1, CESER incorporated information on trends such as zero trust architecture, cloud and quantum computing, artificial intelligence (AI), ransomware defense and supply chain cybersecurity.