Margie Graves, federal deputy chief information officer, said a civilian counterpart to the Department of Defense’s proposed Cybersecurity Maturity Model Certification would require a different structure to meet civilian agencies’ wide range of missions, Nextgov reported Wednesday.
“We, as a civilian community, cannot adopt DOD rubrics writ-large,” Graves said in response to a question at the Professional Services Council’s annual Vision conference. “But, ultimately, we have to do what’s right for the mission spaces, and not all of those are uniform. Most of them in the civilian space don’t comport with DOD.”
In September, the Pentagon issued a draft version of the framework, which sets cyber standards and practices meant to help the defense industrial base reduce exfiltration of controlled unclassified information.