The Defense Department has released a highly anticipated proposed rule to implement its Cybersecurity Maturity Model Certification program with details on the assessment ecosystem, key elements and the use of a plan of action and milestones. “DOD is proposing to establish requirements for a comprehensive and scalable assessment mechanism to ensure defense contractors and subcontractors have, as part of the Cybersecurity Maturity Model Certification (CMMC) Program, implemented required security measures to expand application of existing security requirements for Federal Contract...