Defense industry study identifies top concerns of CMMC stakeholders based on interim rule review

A new study from the National Defense Industrial Association finds stakeholders want more guidance on how to define controlled unclassified information under the Pentagon’s Cybersecurity Maturity Model Certification program.

NDIA’s findings, released today, come from a review of public comments submitted to the Defense Department on the interim final rule for the implementation of the CMMC program.

Controlling the flow of CUI is critical to the CMMC program, which aims to make acquisition officials and government contractors more aware of...