-

Statement on the Department of War’s Suspension of CMMC Phase II Requirements

NATIONAL HARBOR, Md.--(BUSINESS WIRE)--The Cyber AB, the official accreditation body for the Department of War’s Cybersecurity Maturity Model Certification (CMMC) program, acknowledges Monday’s Pentagon announcement of its suspension of CMMC Phase II requirements and the establishment of a CMMC Reform Task Force to conduct a 60-day review of the program.

“While we are both surprised and disappointed in yet another momentary pause to this original and vital Trump Administration program, we are confident that the continued and measurable progress of CMMC, the immense investment that companies throughout the DIB and within the CMMC Ecosystem have already made in its future, and the absolute criticality of third-party verification of cybersecurity conformity will prove itself indispensable under a rigorous review,” stated Chief Executive Officer Matthew Travis.

“We are standing by to cooperate with the CMMC Reform Task Force and provide them with the accurate information they will require to recommend needed improvements to the program.”

The final CMMC rule was just codified in the Code of Federal Regulations eight months ago, and the CMMC Program has already produced sizeable and steady outcomes in the furtherance of the Department’s supply-chain cybersecurity goals, including:

  • Over 1,000 CMMC Certified Assessors (CCAs)
  • 110 Authorized CMMC Third-Party Assessment Organizations (C3PAOs)
  • Nearly 2,000 defense contractors certified at CMMC Level 2 (FINAL)
  • Over 2,000 CMMC Certified Professionals (CCPs)
  • Over 2,000 CMMC Registered Practitioners and 400 Registered Practitioner Organizations
  • 52 CMMC Approved Training Providers

Considering the Pentagon’s announcement, The Cyber AB is emphasizing that only Phase II implementation requirements have been suspended and that all CMMC program elements remain operational and available, to include C3PAO Level 2 certification assessments, CAICO-sanctioned training courses, CMMC professional exams, Registered Practitioner support services, and the DIBCAC’s assessment of C3PAOs and candidate C3PAOs.

Travis continued, “NIST SP 800-171 and DFARS 7012 requirements remain in place and unchanged for most all contractors. A Level 2 certification by a C3PAO remains a compelling calling card for subcontracting viability to primes and the best insurance policy against False Claims Act risk.”

The Cyber AB will address the Phase II pause, the CMMC Reform Task Force, and other elements of the ongoing CMMC program at its July CMMC Town Hall on Tuesday, 28 July at 6:00 pm EDT. Registration for the Town Hall is available on The Cyber AB website.

“The Arsenal of Freedom demands the right balance of security and efficiency in order to protect and enable our warfighters,” said Travis. “The private-sector, market-based, industry-led approach that the CMMC Ecosystem employs is the converse of bureaucracy, but we know there is more innovation and improvement to be found and CMMC stakeholders want to contribute to this reform.”

For more information on CMMC or The Cyber AB, please visit our website at www.cyberab.org.

About The Cyber AB
The CMMC Accreditation Body, Inc. (d/b/a The Cyber AB) is a private, independent, Maryland-based, nonprofit, 501(c)(3) tax-exempt organization that serves as the sole official non-governmental partner of the Department of War, via a non-cost contract, for the authorization, accreditation, and administration of the CMMC Ecosystem.

Contacts

Media Contact:
Kimberly Kantor
kkantor@cyberab.org
678.313.2955 (m)

The Cyber AB


Release Versions

Contacts

Media Contact:
Kimberly Kantor
kkantor@cyberab.org
678.313.2955 (m)

More News From The Cyber AB

The Cyber AB Appoints Mathew Newfield as Executive Vice President and Chief Operating Officer

NATIONAL HARBOR, Md.--(BUSINESS WIRE)--The Cyber AB, the official accreditation body for the Department of War’s Cybersecurity Maturity Model Certification (CMMC) Program, is pleased to announce the appointment of Mathew Newfield as its new Executive Vice President and Chief Operating Officer. In this critical leadership role, Newfield will oversee the organization’s daily business operations, strategic scaling, and customer success, while also driving growth throughout the CMMC and Secure Cont...

The Cyber AB Announces Election of Board Officers and New Board Appointments

NATIONAL HARBOR, Md.--(BUSINESS WIRE)--The Cyber AB announced today the election of its officers to lead its Board of Directors in 2026-2027, as well as four (4) appointments of new Directors. Current Chair Paul Michaels was re-elected by the Board to serve as Chairman for another term, while Debbie Taylor Moore was elected as Vice Chair. Katherine Hennessey will serve as Secretary and Wayne Boline was elected to the at-large position on the Board’s Executive Committee. Chairman Emeritus Jeff D...

The Cyber AB Announces Initial Appointees to new C3PAO Advisory Council

NATIONAL HARBOR, Md.--(BUSINESS WIRE)--The Cyber AB today announced the initial slate of volunteers for its inaugural C3PAO Advisory Council. Owners, executives, and CMMC business area leaders among the Authorized CMMC Third-Party Assessment Organizations (C3PAOs) compose the Council, which serves as a recognized entity to provide feedback and recommendations for Cyber AB consideration in improving assessment processes and clarifying guidance. Members of the C3PAO Advisory Council are volunteer...
Back to Newsroom