MSPAlliance Applauds Department of Defense Suspension of CMMC Phase II, Calls for Smarter Cybersecurity Reform
PR Newswire
LAS VEGAS, July 16, 2026
MSP professional association says pause creates opportunity to strengthen cybersecurity while preserving the health of the Defense Industrial Base
LAS VEGAS, July 16, 2026 /PRNewswire/ -- MSPAlliance, the global association and certification body for managed service providers, today applauded the U.S. Department of Defense's decision to suspend implementation of Phase II of the Cybersecurity Maturity Model Certification (CMMC) program. MSPAlliance said the pause creates an opportunity to improve the program while preserving the cybersecurity protections required throughout the Defense Industrial Base (DIB).
The Department of Defense recently announced a temporary suspension of CMMC Phase II while it reviews the program and evaluates improvements intended to reduce unnecessary compliance burdens without compromising national security.
MSPAlliance said the pause should not be viewed as a retreat from cybersecurity, but as a chance to make CMMC more effective, more accessible, and more closely aligned with the operational realities of the organizations expected to comply.
MSPAlliance has consistently supported the goals of CMMC and the need for stronger cybersecurity across the defense supply chain. At the same time, the organization has warned that the current implementation places disproportionate financial and operational burdens on contractors, particularly small and medium-sized businesses that play a critical role in supporting the U.S. military.
"The Department of Defense has taken an important step by recognizing that cybersecurity and practical implementation must go hand in hand," said Charles Weaver, CEO of MSPAlliance. "Strong cybersecurity is not achieved through unnecessary bureaucracy. It is achieved through standards that organizations can realistically implement while continuing to innovate and support our national defense."
MSPAlliance believes the review period offers an opportunity to modernize the certification framework by:
- Reducing unnecessary administrative complexity
- Improving affordability for small and mid-sized defense contractors
- Expanding the availability of qualified assessments
- Maintaining rigorous cybersecurity standards based on measurable outcomes
- Encouraging broader participation throughout the Defense Industrial Base
"The goal should be stronger cybersecurity and a stronger defense supply chain," Weaver said. "When compliance becomes so difficult that capable organizations leave the market, everyone loses. This review gives government and industry an opportunity to build a program that is both secure and sustainable."
Through its Cyber Verify and CMMC readiness programs, MSPAlliance has worked with managed service providers, technology vendors, and defense contractors around the world to improve cybersecurity maturity, operational resilience, and regulatory compliance. The organization remains committed to working with government, industry, and standards bodies to help shape a practical path forward.
MSPAlliance encourages organizations affected by the CMMC changes to remain focused on cybersecurity best practices during the review period, including continued alignment with NIST SP 800-171 and other applicable Department of Defense requirements.
MSPAlliance's complete analysis of the CMMC Phase II suspension is available at: https://mspalliance.com/cmmc-phase-ii-suspension-a-necessary-reset-for-the-defense-industrial-base
About MSPAlliance
MSPAlliance® is the world's largest international association and certification body for cloud computing and managed service providers. For more than 25 years, MSPAlliance has developed and promoted standards for operational excellence, cybersecurity, privacy, and consumer protection. Through programs including Cyber Verify, Cloud Verify, and MSP Verify certification, the organization helps providers and their clients build trusted, secure, and resilient digital businesses.
Media Contact
MSPAlliance
Media Relations
Phone: 1-800-672-9205
Email: 418925@email4pr.com
Website: www.mspalliance.com
View original content to download multimedia:https://www.prnewswire.com/news-releases/mspalliance-applauds-department-of-defense-suspension-of-cmmc-phase-ii-calls-for-smarter-cybersecurity-reform-302826934.html
SOURCE MSPAlliance
