The Defense Department is moving forward with its plans to split cyber certification requirements for contractors into two separate rulemakings, focused on NIST Special Publication 800-171 and the Cybersecurity Maturity Model Certification program. The split is part of the Pentagon’s effort to implement CMMC 2.0, which was outlined in a November advanced notice of proposed rulemaking. The notice said, “DOD will pursue rulemaking in both: (1) Title 32 of the Code of Federal Regulations (CFR); and, (2) title 48 CFR,...
