The Cybersecurity Capability Maturity Model (C2M2) helps organizations evaluate their cybersecurity capabilities and optimize security investments.
It uses a set of industry-vetted cybersecurity practices focused on both information technology (IT) and operations technology (OT) assets and environments.