AAU, ACE, APLU, COGR, and EDUCAUSE submitted comments to the Department of Defense (DOD) in response to their Cybersecurity Maturity Model Certification (CMMC) 2.0 Program designed to enforce protection of sensitive unclassified information that is shared by the Department with its contractors and subcontractors. The letter commends the DOD for their significant progress in the development of this program while drawing attention to areas in need of further clarification or potential changes.