The U.S. Department of Defense has unveiled a proposed Cybersecurity Maturity Model Certification rule that would require federal contractors to attain a particular cybersecurity level by contract awarding but would also enable the waiving of certain evaluation requirements involving federal contract information disclosure or creation, reports DefenseScoop.
Article Link: Proposed CMMC rule includes requirement waiver requests | SC Media