CMMC 2.0 Archives

(Screenshot of Michael Duffey, President Donald Trump’s nominee to be undersecretary of defense for acquisition and sustainment, testifying at his confirmation hearing with the Senate Armed Services Committee, March 27, 2025)

Trump’s Pentagon acquisition chief nominee vows to review controversial CMMC program

Michael Duffey, nominated by President Trump to be undersecretary of defense for acquisition and sustainment, testified at his confirmation hearing Thursday.

Mar 27, 2025 By Jon Harper

Report finds large gap in CMMC readiness among defense industrial base

A survey conducted by Redspin found that over half of respondents did not feel prepared for CMMC's requirements, which will go into effect by mid-2025.

Jan 28, 2025 By Mikayla Easley

Dave McKeown delivers a keynote at DefenseScoop’s DefenseTalks conference. (DefenseScoop)

DOD taps McKeown to serve as new special assistant for cybersecurity innovation

As part of the new role, McKeown will stand up and helm the DOD CIO's new Cybersecurity Center of Excellence.

Dec 20, 2024 By Mikayla Easley

An aerial view of the Pentagon, Washington, D.C., May 15, 2023. (DoD photo by U.S. Air Force Staff Sgt. John Wright)

DOD releases final rule for CMMC, setting the stage for implementation next year

The publication of the final rule moves to establish the CMMC 2.0 program in federal law.

Oct 11, 2024 By Mikayla Easley

DOD launching fully operational vulnerability disclosure program for defense industrial base

The Defense Department’s Cyber Crime Center announced that it is setting up an official Defense Industrial Base-Vulnerability Disclosure Program (DIB-VDP).

Apr 19, 2024 By Mikayla Easley

Lockheed Martin employees work on the F-35 Lightning II Joint Strike Fighter production line in Fort Worth, Texas. (Photo from DVIDS)

New DOD strategy aims to improve contractors’ cybersecurity, resiliency

The Defense Industrial Base Cybersecurity Strategy outlines four goals as well as corresponding objectives that cover activities from fiscal 2024 to 2027.

Mar 28, 2024 By Mikayla Easley

Pentagon reveals updated cost estimates for CMMC implementation

The projections were included in a proposed rule for Cybersecurity Maturity Model Certification that was published in the Federal Register.

Dec 28, 2023 By Jon Harper

A logo sits illuminated at the Microsoft booth on day 2 of the GSMA Mobile World Congress at Fira Barcelona on February 28, 2023 in Barcelona, Spain. (Photo by Xavi Torrent/Getty Images)

Microsoft completes voluntary CMMC assessment, a win for smaller contractors using its services

DIB contractors that use Microsoft cloud services may only need to meet a small portion of CMMC's 110 controls after the cloud provider passed its voluntary assessment.

Mar 7, 2023 By Billy Mitchell

River entrance of the U.S. Department of Defense. (Getty Images)

DOD planning to use NIST 800-171 as evaluation criteria for contracts prior to CMMC rule

The NIST standards have been part of federal law for contractors for several years, but until now, contracting officers have been "lackadaisical" about enforcing them, said the…

Sep 21, 2022 By Billy Mitchell

Department of Defense, DOD, Pentagon — (DOD / Lisa Ferdinando)

DOD exploring requirements for managed service providers under CMMC

The Pentagon's officials overseeing the development of CMMC are planning to meet soon to address potential requirements for managed service providers under the program.

Jun 2, 2022 By Billy Mitchell