Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Marti Arvin and Anthony Buenger on the CMMC Framework
The U.S. Department of Defense (DoD) recently issued a memorandum signaling that defense contractors soon will be required to comply with new cybersecurity compliance requirements. The memorandum establishes...more
Federal contractors, including defense contractors, should prepare for the emergence of new requirements in the coming months that are designed to strengthen software supply chain security, impose more stringent cybersecurity...more
The Department of Defense (DoD) published a Final Rule earlier this month formally implementing the Cybersecurity Maturity Model Certification (CMMC) Program. This Final Rule is the culmination of five years of work to...more
The U.S. and the U.K. are focused on common national security risks, including preventing foreign access to key emerging technologies, the integrity of the defense supply chain, protection of critical infrastructure, and...more
The National Institute of Standards and Technology (NIST) released the third revision of its Special Publication (SP) 800-171, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations." This...more
America’s data is under attack. Solar Winds and other recent headline-grabbing stories have demonstrated that foreign adversaries are eager to hack into computer systems for a wide range of purposes. The US Department of...more
People like to say that cybersecurity threats are constantly evolving. So perhaps it’s fitting that cybersecurity compliance is undergoing a significant evolution of its own this year, too. That evolution is the arrival of...more
The Department of Defense (DoD) continues to enhance cybersecurity requirements in its supply chain. A new rule requires some contractors to assign a numerical score to their current cybersecurity practices. Additionally, the...more
A. Introduction and Key Take-Aways - The Department of Defense’s (DOD) Cybersecurity Maturity Model Certification (CMMC) program provides a metric for independent third parties to use in assessing and certifying the...more
On January 30, 2020, the U.S. Department of Defense (“DoD”) released Version 1.0 of its Cybersecurity Maturity Model Certification (“CMMC”) framework (CMMC overview here; CMMC Version 1.0 and appendices here). By 2026, DoD...more
January 2020 was a very important month for DOD’s Cybersecurity Maturity Model Certification (CMMC) initiative. Last week, on January 31, 2020, DOD issued CMMC “Version 1.0” to the public....more
- DoD has released the final version of the CMMC framework. - DoD anticipates that CMMC requirements will appear in a limited number of solicitations starting in October 2020 and that they will appear in all DoD...more
On January 30, the US Department of Defense (DoD) released version 1.0 of the Cybersecurity Maturity Model Certification (CMMC) framework, which will require DoD contractors and subcontractors to obtain third-party...more
The Department of Defense (DoD) is planning to release Volume 1.0 of the Cyber Maturity Model Certification (CMMC) framework, which will affect the award and continued performance of all DoD contracts. In response to the...more
Through ADG Insights, we share with you the top legal and political issues affecting the aerospace, defense, and government services (ADG) industry. Our ADG industry team monitors the latest developments to help our clients...more