WHAT: The U.S. Department of Defense (DOD) this month published the second of two final rules needed to begin phasing in the long-awaited Cybersecurity Maturity Model Certification (CMMC) Program.

It applies where CUI is resident in a contractor system that is not operated on behalf of the federal government, and therefore is not subject to the Federal Information Security Modernization Act or ...

With the November 10 deadline behind them, defense contractors face immediate compliance pressure, limited assessment capacity, and zero tolerance from the DoD, making CMMC ...

January 09, 2026 - An audit , opens new tabby the U.S. Department of Defense Office of Inspector General (DoD OIG) has identified critical weaknesses in the Pentagon's process for authorizing ...

The Department of Defense’s Cybersecurity Maturity Model Certification is more than a compliance checklist. It is, in my view, a strategic transformation designed to strengthen the entire defense ...

CMMC is a unified assessment model created by DOD in response to the growing threat of cyberattacks and data theft from the defense contractors. CMMC is designed to ensure that DOD contractors and ...

Forbes contributors publish independent expert analyses and insights. Heather Wishart-Smith is a board director who covers innovation. When the Cybersecurity Maturity Model Certification rule became ...

Kiteworks is urging defense contractors to accelerate their cybersecurity and compliance readiness following the Department of Defense (DoD) announcement finalizing the Cybersecurity Maturity Model ...