The Defense Department is making changes to version two of its Cybersecurity Maturity Model Certification program following a review of what controlled unclassified information needs to be protected under the second tier of the model, according to DOD Deputy Chief Information Officer for Cybersecurity David McKeown. In the original launch of CMMC 2.0, the Pentagon announced the consolidation of the program from five levels to three and removed the third-party assessment organization requirement for level one. The new level two...