The Defense Department is working on adjudicating comments from an interim final rule that established the Pentagon's Cybersecurity Maturity Model Certification program, which officials said Wednesday could change based on ongoing work on maturity levels four and five. When the Pentagon released the current version of the CMMC model, maturity levels four and five were not completely fleshed out, according to DOD acquisition Chief Information Security Officer Katie Arrington who spoke at a Defense Acquisition University event Wednesday. The requirements...
