The Coalition for Government Procurement is asking the Defense Department to provide guidance on when requirements under the Cybersecurity Maturity Model Certification program will go into effect for specific contracts, in response to a proposed rule to make changes to the Pentagon’s acquisition regulations. “The 48 CFR Proposed Rule, at DFARS 252.204-7021(b)(1)(i), calls upon the [contracting officer] to ‘fill in the required CMMC level.’ Proposed clause 242.204-7YYYY provides for notification to suppliers of the required certification level. The 48 CFR...