C2M2
The Cybersecurity Capability Maturity Model (C2M2) can help organizations of all sectors, types, and sizes to evaluate and make improvements to their cybersecurity programs and strengthen their operational resilience.
The C2M2 focuses on the implementation and management of cybersecurity practices associated with information technology (IT), operations technology (OT), and information assets and the environments in which they operate. The model can be used to:
- Strengthen organizations’ cybersecurity capabilities
- Enable organizations to effectively and consistently evaluate and benchmark their cybersecurity capabilities
- Share knowledge, best practices, and relevant references across organizations as a means to improve cybersecurity capabilities
- Enable organizations to prioritize actions and investments to improve cybersecurity capabilities
A self-evaluation using the C2M2 can be completed by most organizations in one day, but the model could also be adapted for a more rigorous self-evaluation effort. The C2M2 is designed either to guide the development of a new cybersecurity program or to be used with a self-evaluation methodology so that an organization can measure and improve an existing cybersecurity program.
The C2M2 provides descriptive rather than prescriptive guidance. The model content is presented at a high level of abstraction so it can be interpreted by organizations of various types, structures, sizes, and industries.