Pentagon pauses cyber audit rule blamed for supplier exits
XLI•Program was intended to protect sensitive information
The Defense Department's long-delayed U.S. Cybersecurity Maturity Model Certification (CMMC) began in November 2025 and aims to protect sensitive information, known as controlled unclassified information.
Pentagon suspends next phase of cyber certification program
The Pentagon is suspending the next phase of a cybersecurity certification program for defense contractors, backing off a compliance requirement that industry executives had warned was pushing small suppliers out of military work and narrowing competition in the defense supply chain.




