Pentagon halts phase-two CMMC and launches 60-day reform to ease contractor compliance

TL;DR Summary
The Pentagon is suspending phase two of the Cybersecurity Maturity Model Certification (CMMC) plan and maintaining phase one self-assessments as it launches a 60-day reform review to rebalance the program toward faster capability delivery and lower barriers for small and non-traditional contractors; milestones are paused, with an emphasis on tangible cyber hygiene over costly third-party certifications, a shift supported by the SBA and potentially affecting up to 80,000 defense contractors.
- Pentagon suspends CMMC phase two requirements, launches review of program Federal News Network
- Forging the Arsenal of Freedom: Department of War Suspends CMMC Phase II Requirements U.S. Department of War (.gov)
- Pentagon announces ‘immediate suspension’ of CMMC Phase II mandates Breaking Defense
- BREAKING: Pentagon Suspends Phase 2 of CMMC Program National Defense Magazine
- Pentagon pauses cyber audit rule blamed for supplier exits Reuters
Reading Insights
Total Reads
0
Unique Readers
0
Time Saved
6 min
vs 6 min read
Condensed
94%
1,172 → 70 words
Want the full story? Read the original article
Read on Federal News Network