Pentagon separates rulemakings for NIST standards, CMMC as work to establish cyber certification program continues

By Sara Friedman / March 2, 2022 at 11:29 AM
The Defense Department is moving forward with its plans to split cyber certification requirements for contractors into two separate rulemakings, focused on NIST Special Publication 800-171 and the Cybersecurity Maturity Model Certification program. The split is part of the Pentagon’s effort to implement CMMC 2.0, which was outlined in a November advanced notice of proposed rulemaking. The notice said, “DOD will pursue rulemaking in both: (1) Title 32 of the Code of Federal Regulations (CFR); and, (2) title 48 CFR,...

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.

Log in to access this content.