Summary: Before the end of the year, the Defense Department intends to finalize a rule change that will require any contractor it engages with to have obtained a certification of its cybersecurity practices from an approved external auditor. The program—known as Cybersecurity Maturity Model Certification—looks to eventually cover 300,000 contractors and subcontractors, many of which are anxiously waiting for the costs and details.
