Cybersecurity, Privacy, & AI

Trending Now
CMMC Cybersecurity Rules Are Rolling Into Defense Contracts • CMMC Cybersecurity Rules Are Rolling Into Defense Contracts • VA Inventory Report Reveals 367 AI Systems Operating in Healthcare, Benefits and Services • FAR Council Proposes Revised CUI Framework as Part of Revolutionary FAR Overhaul With Important Guidance and Clarifications • FTC, Like States, Worried About Data Broker Activities

U.S. Dept. of Energy Seeks Comment on Updated Cybersecurity Capability Maturity Model

Jon Kraft | Shutterstock

Shortly before Thanksgiving, the Department of Energy issued a request for public comment on Version 2.0 of its Cybersecurity Capability Maturity Model (C2M2), which it released in July 2021 to help organizations of all sectors, types and sizes to “evaluate and improve their cybersecurity capabilities, considering their specific risk environment,” and to strengthen their operational resilience.

C2M2 – not to be confused with the DoD’s CMMC – “is a voluntary tool, tailored specifically for the energy industry, that enables companies to set targets, evaluate and benchmark their cybersecurity capabilities, and use the results to prioritize actions and investments.” It is “scalable for a company of any size” and “designed to evaluate practice in both the information technology (IT) and operational technology (OT) environments.” Comments on Version 2.0 and any additional information commenters wish to provide are due by Monday, December 27, 2021.

Source:

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–SaturdaySubscribe here.