Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Pentagon Reevaluates Cybersecurity Certification Strategy

Pentagon Reevaluates Cybersecurity Certification Strategy

Posted on July 14, 2026 By CWS

The Pentagon has decided to halt the implementation of Phase 2 of the Cybersecurity Maturity Model Certification (CMMC), initially planned for November, to undergo a thorough 60-day evaluation of the entire framework.

Reasons for the Suspension

Kirsten Davies, the Chief Information Officer at the Department of War, announced that this decision aims to remove bureaucratic barriers without compromising the level of cybersecurity required from contractors. Despite this suspension, contractors are still obligated to adhere to Phase 1 requirements and other existing regulations concerning the management of government information.

A new task force dedicated to CMMC review and reform will engage with industry stakeholders to gather feedback. This initiative seeks to propose simplified security measures that would expedite the contracting process, particularly benefiting small and nontraditional businesses.

Impact on Defense Contractors

According to Undersecretary of War for Acquisition and Sustainment Michael Duffey, the suspension is crucial to prevent smaller manufacturers from being excluded from defense contracts due to high compliance costs. The CMMC establishes a framework for ensuring companies dealing with government data meet essential cybersecurity standards before securing defense contracts.

The program also impacts contractors and subcontractors handling federal contract information or controlled unclassified information, irrespective of their size.

Future of CMMC Implementation

Originally, CMMC 2.0 had streamlined the certification process, reducing it from five levels to three. Level 1 addresses the protection of federal contract information, Level 2 aligns with NIST 800-171 for controlled unclassified information, and Level 3 focuses on safeguarding critical data against advanced persistent threats.

The rollout began on November 10, 2025, with initial phases requiring Level 1 and Level 2 self-assessments. Phase 2, slated for November 10, 2026, was to include Level 2 third-party certification assessments for new contracts but has been postponed due to a shortage of certified assessors.

The third phase, planned for November 2027, would introduce Level 3 certification, while the final phase aims for full integration into applicable contracts by 2028.

This strategic pause allows for a reassessment of the framework, ensuring that it remains effective and inclusive for all defense contractors.

Security Week News Tags:Certification, CMMC, Compliance, Contractors, Cybersecurity, Defense, government contracts, Pentagon, Review, small businesses

Post navigation

Previous Post: Microsoft Identifies Three Salesforce Threat Vectors
Next Post: U.S. Targets VPN and Cryptor Seller for Ransomware Aid

Related Posts

Echo Raises  Million in Series A Funding Echo Raises $35 Million in Series A Funding Security Week News
Vulnerabilities in CISA KEV Are Not Equally Critical: Report Vulnerabilities in CISA KEV Are Not Equally Critical: Report Security Week News
Mobile Forensics Tool Used by Chinese Law Enforcement Dissected Mobile Forensics Tool Used by Chinese Law Enforcement Dissected Security Week News
Cyber Insights 2026: Offensive Security; Where It is and Where Its Going Cyber Insights 2026: Offensive Security; Where It is and Where Its Going Security Week News
‘MadeYouReset’ HTTP2 Vulnerability Enables Massive DDoS Attacks ‘MadeYouReset’ HTTP2 Vulnerability Enables Massive DDoS Attacks Security Week News
Fraud Prevention Company SEON Raises  Million in Series C Funding Fraud Prevention Company SEON Raises $80 Million in Series C Funding Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • ModHeader Chrome Extension Pulled for Data Exfiltration Risk
  • U.S. Targets VPN and Cryptor Seller for Ransomware Aid
  • Pentagon Reevaluates Cybersecurity Certification Strategy
  • Microsoft Identifies Three Salesforce Threat Vectors
  • Telegram’s t.me Domain Suspension Disrupts Global Links

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • ModHeader Chrome Extension Pulled for Data Exfiltration Risk
  • U.S. Targets VPN and Cryptor Seller for Ransomware Aid
  • Pentagon Reevaluates Cybersecurity Certification Strategy
  • Microsoft Identifies Three Salesforce Threat Vectors
  • Telegram’s t.me Domain Suspension Disrupts Global Links

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark