The Pentagon will make changes to its Cybersecurity Maturity Model Certification program by working with the National Institute of Standards and Technology to revise Special Publication 800-171, according to Defense Department assessment leader John Ellis, who says DOD has plans to propose additional controls from the old CMMC model for inclusion in the next update to the key NIST publication. DOD announced major changes on Nov. 4 to align the CMMC program more closely to NIST SP 800-171, which serves...