
Civilian Vendor Cybersecurity Certification Would Look Very Different From DoD


The Defense Department is working on a new Cybersecurity Maturity Model Certification policy that will require its vendors to confirm their own systems have strong enough cybersecurity to protect the department’s secrets. A civilian agency counterpart to that would look very different from what the Pentagon is developing, says deputy federal CIO Margie Graves.

A similar program would be useful in the civilian space but would require a much different framework, according to Graves. “We, as a civilian community, cannot adopt DOD rubrics writ-large,” she said. “But there are some aspects of the civilian agencies – I would say, [the Homeland Security and Justice departments] and others in the law enforcement among them – that are similar. We could actually learn from the framework that’s being set up with DOD on that issue.”
