The first official Cybersecurity Maturity Model Certification assessment starts Aug. 22 under the Pentagon's "joint surveillance voluntary program," where a certified third-party assessment organization will conduct the examination and report results to the Defense Contract Management Agency for final approval. The joint program allows voluntary assessments to start and then be converted into a three-year CMMC certification when the rulemaking goes into effect. The Pentagon’s CMMC program is overseen by the office of the DOD chief information officer and supported...