The Department of Defense (DoD) issued an interim rule on Sept. 29, 2020 to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to implement the Cybersecurity Maturity Model Certification (CMMC) framework. This interim rule includes new DFARS clause 252.204-7021, which specifies CMMC requirements and enables the department to verify the protection of Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) within the unclassified networks of Defense Industrial Base (DIB) companies. The interim rule became effective on Nov. 30, 2020, following the 60-day public comment period.....

https://www.defense.gov/Newsroom/Releases/Release/Article/2447770/cybersecurity-maturity-model-certification-pilots-for-fiscal-year-2021/