The Defense Department has finalized a rulemaking to revise the use of its supplier risk system platform for acquisition officials when evaluating bids for contracts, making a move that stakeholders see as a precursor for the Pentagon's Cybersecurity Maturity Model Certification program becoming part of the formal acquisition process.