What approach should the organization take in developing the Cybersecurity Management program?

PLEASE USE THE LINK AS A PRIMARY RESOURCE FOR THE ASSIGNMENT.I need 2 other sources but please make sure to get most information from the link that I provided, the other 2 can come from whichever credible source you see fit.
Here’s the link: https://www.energy.gov/sites/prod/files/2014/03/f13/C2M2-v1-1_cor.pdf
ALSO, MAKE SURE TO COMPARE AND BE UP TO STANDARD WITH THE RUBRIC THAT I ATTACHED
INSTRUCTIONSOur class focuses on integrating many different aspects of cybersecurity, information security, and information assurance. Recent developments in the field of cybersecurity have resulted in a number of “maturity models” which can be used by external assessors to evaluate the maturity level of an organization’s cybersecurity management program.
For this discussion paper, you will need to research the Department of Energy’s Cybersecurity Maturity Model and then compare it to the NIST Cybersecurity Framework and other frameworks listed in the course readings. After you have done so, write a position paper in which you recommend a cybersecurity framework or maturity model as the basis for assessing the cybersecurity program for Padgett-Beale Financial Services. Assessments will be performed on an annual basis beginning one year after the company launches its new operations.
Your 5-7 paragraph position paper must answer the following questions (at a minimum). (You will need to write clearly and concisely to fit all required information into this restricted length.)
What approach should the organization take in developing the Cybersecurity Management program? (What standards or frameworks should be used?)What laws and regulations must be addressed by the Cybersecurity Management Program in a financial services firm?What are the best practices that should be put into place to assess the maturity of PBI-FS’s cybersecurity management program?