Cybersecurity Capability Maturity Model (C2M2) - Cybersecurity Maturity Model Certification (CMMC) Supplemental Guidance (Draft)

Bilak, Shawn; Brennan, Kaitlin

Cybersecurity Capability Maturity Model (C2M2) - Cybersecurity Maturity Model Certification (CMMC) Supplemental Guidance (Draft)

Active / Technical Report | Accesssion Number: AD1168443 |

Open PDF

Abstract:

The Cybersecurity Capability Maturity Model (C2M2) focuses on the implementation and management of cybersecurity practices associated with information technology (IT), operations technology (OT), and information assets and the environments in which they operate. The model can be used to: strengthen organizations' cybersecurity capabilities, enable organizations to effectively and consistently evaluate and benchmark cybersecurity capabilities, share knowledge, best practices, and relevant references across organizations as a means to improve cybersecurity capabilities, and enable organizations to prioritize actions and investments to improve cybersecurity capabilities.

Author(s):

Bilak, Shawn ; Brennan, Kaitlin

Author Organization(s):

CARNEGIE-MELLON UNIV PITTSBURGH PA

Funding Organization(s):

AIR FORCE LIFE CYCLE MANAGEMENT CENTER , HANSCOM AFB , MA ; DEPARTMENT OF ENERGY WASHINGTON DC, WASHINGTON , DC

Document Type:

Technical Report/Other

Publication Date:

2021 Jan 01

Pagination:

161

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution Code:

A - Approved For Public Release

Distribution Statement: Public Release

RECORD

Collection: TRECMS

Identifying Numbers

Contract Number(s):

FA8702-15-D-0002

Subject Terms

Modernization Areas:

Cyber

Communities of Interest:

Cyber

Descriptor(s):

cybersecurity, information systems, computer access control, information security, organizational structure, software development, computer security techniques, mobile phones, network protocols, risk analysis, computer programming, control systems, mobile devices, operating systems, security personnel, computer network security, reliability

Keyword(s):

c2m2(Cybersecurity Capability Maturity Model), ot(operations technology), it(information technology), information assets, cmmc(Cybersecurity Maturity Model Certification)

Subject Categories:

Mathematical and Computer Sciences; Behavioral and Social Sciences

Creation Date:

2022 May 11

Update Date:

2022 May 17