The Information Technology Industry Council anticipates details on incorporating acquisition requirements for contractors under the Pentagon's Cybersecurity Maturity Model Certification program will come in the next rulemaking for the initiative, which will focus on making changes to the Defense Department's acquisition regulations. The Defense Department is working on two rulemakings to implement the CMMC program, starting with one to amend Title 32 of the Code of Federal Regulations that was published Dec. 26 as a proposed rule. A second rule...
