Meeting the standards laid out in the Pentagon's Cybersecurity Maturity Model Certification program is a necessary start to buying down supply chain risk through establishing good cyber hygiene, but cyber experts say CMMC would not necessarily have helped contractors detect or prevent exposure to the SolarWinds attack. The CMMC program's current focus is on level three, which establishes a cyber regime around controlled unclassified information. Inside Cybersecurity spoke with attorneys about the benefits of CMMC for the defense industrial...