The Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) was developed in support of a White House initiative led by the Department of Energy (DOE), along with partnership that includes the Department of Homeland Security (DHS), and finally, collaboration with industry, private sector, and public-sector experts. The specific model was developed via an industry advisory group through a series of working sessions and revised based on feedback from industry experts and pilot evaluations.
Learn more about our signature product, the Global Information Security Compliance Packet (GISCP), the world's most complete security policy packet containing over 2,850 + pages of in-depth information security policies, procedures, forms, checklists, templates, provisioning and hardening documents, and much more.
Learn more today about the GISCP by viewing sample policies, forms, hardening documents, and more.
Furthermore, the advisory group for the initiative included representatives from industry associations, utilities, and government. Thus, the goal of the Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) is to support ongoing development and measurement of cybersecurity capabilities within the electricity subsector through the following four objectives:
- Strengthen cybersecurity capabilities in the electricity subsector.
- Enable utilities to effectively and consistently evaluate and benchmark cybersecurity capabilities.
- Share knowledge, best practices, and relevant references within the subsector as a means to improve cybersecurity capabilities.
- Enable utilities to prioritize actions and investments to improve cybersecurity.
Security Policies are Critical for ES-C2M2 Compliance
The Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) - like many other benchmarks, standards, and frameworks - is a bold an comprehensive move for helping ensure the confidentiality, integrity, and availability (CIA) of critical system resources in today’s world of ever-growing cybersecurity threats. An important component of complying with ES-C2M2 is putting in place comprehensive information security policies and procedures.
As for the ten (10) ES-C2M2 domains, they all require operational and information security policies and procedures – your solution is the industry leading Global Information Security Compliance Packet (GISCP) containing hundreds of policies, procedures –and much more – from Flat Iron Technologies, LLC. Available for immediate download, you’ll receive literally hundreds of high-quality policies, procedures, forms, checklists, templates, provisioning and hardening documents, and more.