The Defense Department has clarified its plans for the rollout of the Cybersecurity Maturity Model Certification program through the release of a class deviation postponing an Oct. 1 compliance requirement for contractors in a 2020 interim final rule put on hold by the Biden administration. “Effective immediately, contracting officers shall not use the contract clause at Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7021, Contractor Compliance With the Cybersecurity Maturity Model Certification Level Requirement, in new solicitations and contracts,” according to...
