On July 13, 2026, the Department of War (DoW) announced the immediate suspension of Phase II of the Cybersecurity Maturity Model Certification (CMMC) program — the phase that was to require formal third-party (C3PAO) certification of Level 2 compliance beginning November 10, 2026. DoW Chief Information Officer Kirsten A. Davies described the move as consistent with Secretary of War Pete Hegseth's Acquisition Transformation System, which prioritizes speed to capability and lower barriers to entry for small, medium, and non-traditional defense contractors. DoW is launching a 60-day CMMC Reform Task Force to recommend a scaled-back, more efficient path forward, informed by industry feedback already gathered through a public Request for Information.
Search
Recent Posts
Categories
Tags
- 8(a) program
- Acquisition Transformation Strategy
- Anthropic
- Code of Federal Regulations
- Commercial Products
- Contractor’s Action Plan
- Controlled Unclassified Information
- Cybersecurity
- Cybersecurity Maturity Model Certification (CMMC)
- Cybersecurity Maturity Model Certification program
- Defense Contractors
- Defense Production Act
- Department of Defense
- Department of Energy
- Department of Homeland Security (DHS)
- Department of War
- Executive Order (EO)
- False Claims Act
- FAR
- FAR Council
- Federal Acquisition Regulations
- Federal Acquisition Regulatory Council
- Federal Acquisition Supply Chain Security Act
- Federal Contractors
- Federal Contracts
- Federal Government Contractor
- Federal Government Shutdown
- Federal Procurement
- General Services Administration
- Government Contracts
- Government Shutdown
- Iran
- National Defense Authorization Act
- Office of Management and Budget
- Procurement
- Revolutionary FAR Overhaul
- Service Contract Act (SCA)
- Small Business Administration
- Trump Administration
- Wage Determination