The Pentagon has formally announced two new rulemakings that will make changes to its Cybersecurity Maturity Model Certification program, including the removal of third-party assessments for level one and starting a plan of action and milestones process. “This document provides updated information on DOD’s way forward for the approved Cybersecurity Maturity Model Certification (CMMC) program changes, designated as ‘CMMC 2.0.’ CMMC 2.0 builds upon the initial CMMC framework to dynamically enhance Defense Industrial Base (DIB) cybersecurity against evolving threats,” the...
