U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Announcements

Cybersecurity Capability Maturity Model to NIST Cybersecurity Framework Mapping

NIST | NCCoE

The NIST National Cybersecurity Center of Excellence (NCCoE) and the U.S. Department of Energy (DOE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) have been working to map recent updates of the Cybersecurity Capability Maturity Model (C2M2) to the NIST Cybersecurity Framework (CSF).

The draft mapping of C2M2 Version 2.0 is complete. The draft mapping of Version 2.1 – the latest version of the C2M2 – is under way and will be posted for public comment when complete.

Details:

The NCCoE and CESER are seeking public comments on the draft C2M2 V2.0 to CSF mappings.

NIST requests that all comments be submitted by 11:59 pm Eastern Time on January 20, 2023.

Please submit your comments to C2M2_CSF_mappings@nist.gov. Comments are requested on both mapping spreadsheets.

We encourage you to submit comments using this comment template.