The Pentagon announced Monday it is suspending planned implementation of the next Cybersecurity Maturity Model Certification (CMMC) phase, which included third-party audits, as it reviews the future of the program. While current Phase I requirements for industry to self-assess for cyber security compliance will remain in place, Pentagon officials said the costs and bureaucratic burdens associated with current CMMC plans were deterring some small businesses and newer defense entrants from pursuing contracts with the department. “While the original intent of…
By