The Office of Advocacy at the Small Business Administration has outlined four areas of concern in the Pentagon's proposed rule to implement the Cybersecurity Maturity Model Certification program. “Advocacy is principally concerned with the ability for small businesses to meet and comply with the standards and timelines set out in the CMMC Program without further clarification and guidance documents from the DOD,” the office writes in comments submitted to the Defense Department on Feb. 26. DOD issued the first proposed...