G-Tech Studios | Shutterstock

Defense Department CIO John Sherman wants to clarify the requirements of CMMC 2.0 and to engage more with small and medium-sized businesses. He said in a recent appearance that he sees the importance of the certification program – which was recently moved from the DoD’s acquisition office into his area of supervision – as “raising the waterline of cybersecurity across the DoD”. He wants to hear how companies with “a couple hundred people or fewer” are going to be impacted by it, but he also wants the private sector to know that “there’s a cost to not doing something like this” to the company itself, to the government, and to the country.

Source: