The phased approach to rolling out DoD’s Cybersecurity Maturity Model Certification is accelerating with the department’s issuance of training guides late in March, said Stacy S. Bostjanick, director of CMMC policy, Office of the Undersecretary of Defense for Acquisition and Sustainment. She described how that and other steps are part of the foundation for the five-year effort. The CMMC will begin rolling out 15 practices in 2020-21, followed by 75 in 2022, 250 in 2023, 479 in 2024, and another 479 in 2025. The progressive program will increase complexity with higher levels of certification.
