CMMC 2.0

• More companies may have to get a CMMC assessment after all

  DoD is rolling back an aspect of the plan that would have allowed some 40,000 companies to self-attest to their cybersecurity practices.

  Cybersecurity

  February 10, 2022
• Pentagon shifts CMMC program to CIO, eliminates Arrington’s old role

  The Cybersecurity Maturity Model Certification program is moving to the CIO's office, while Katie Arrington's former role is being disestablished.

  Defense News

  February 03, 2022
• The Pentagon’s new cybersecurity model is better, but still an incremental solution to a big challenge

  The Pentagon announced in November a new “strategic direction” for its Cyber Maturity Model Certification, calling it CMMC 2.0 and essentially admitting the first iteration was overly complex and costly.

  Commentary

  January 17, 2022
• An update on CMMC

  Michael Speca, president of Ardalyst, joins host John Gilroy on this week's Federal Tech Talk to give us an update on the CMMC initiative from the Department of Defense.

  Federal Tech Talk

  December 13, 2021
• Congressional auditors point to challenges ahead for Pentagon’s CMMC program

  The review found concerns over compliance, cost, reciprocity and more, issues that aren't going away as the Pentagon overhauls the program.

  Defense

  December 10, 2021
• Pentagon considers incentives to get companies to CMMC 2.0 early

  The Pentagon is considering profit incentives and source selection criteria to get defense contractors to up their cybersecurity game before CMMC 2.0 becomes a reality.

  Defense

  November 26, 2021
• CMMC 2.0 could take as long as two years to come online

  The Pentagon is encouraging defense contractors to up their cybersecurity game, but new requirements could take until 2023 to show up in contracts.

  Defense News

  November 10, 2021