The Department of Defense (DOD) is expected to finalize a new rule, referred to as CMMC 2.0, by the end of 2023 that will significantly enhance the Cybersecurity Maturity Model Certification (CMMC) framework and related cybersecurity requirements for defense contractors.

CMMC 2.0 will change the DOD’s security requirements in the following ways: Re-classify contractors into three levels of cybersecurity instead of five Allow for contractors to conduct self-assessments to show compliance for select contracts with lower security requirements Allow for limited flexibility in compliance through plans of action and waivers Read more about this story on our LinkedIn page