Reassessing CMMC: DOD Suspends CMMC Phase II, But Core DFARS Obligations Endure
The U.S. Department of Defense has temporarily suspended implementation of Cybersecurity Maturity Model Certification (CMMC) Phase II while it conducts a 60-day review of the program, citing concerns over high compliance costs, limited third-party assessment capacity, and impacts on the defense industrial base. Although third-party certification requirements
News & Perspectives1d ago