News & Analysis as of

National Institute of Standards and Technology Subcontractors Federal Acquisition Regulations (FAR)

WilmerHale

New Executive Order Modifies Cybersecurity Requirements to Be Imposed on Federal Contractors and Subcontractors

WilmerHale on

On June 6, 2025, President Donald Trump issued Executive Order (E.O.) 14306 to scale back a range of cybersecurity requirements and government-wide approaches implemented by the Biden Administration....more

McCarter & English Blog: Government Contracts...

The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters

On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more

Morrison & Foerster LLP - Government...

Proposed Regulation on Controlled Unclassified Information Standardizes Process for CUI Identification and Handling Across Federal...

The Federal Acquisition Regulation (FAR) Council issued its long awaited proposed rule on Controlled Unclassified Information (CUI) on January 15, 2025. The proposed rule establishes a common form to be used by all federal...more

Woods Rogers

FAR Council Publishes Proposed Rule Imposing New Security Requirements on Contractors Handling CUI

Woods Rogers on

On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more

McCarter & English Blog: Government Contracts...

They Did It. They Really Did It! The Arrival of the FAR CUI Proposed Rule

After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more

Wiley Rein LLP

Updates on Cybersecurity Requirements for Government Contractors

Wiley Rein LLP on

Part of the Biden Administration’s push to enhance U.S. cybersecurity capabilities has focused on imposing new requirements on government contractors. The 2023 National Cybersecurity Strategy suggested, for example, that...more

BakerHostetler

The DoD’s CMMC Rule Is Out: What Comes Next?

BakerHostetler on

On October 15, 2024, the Department of Defense (DoD) published the final rule for the Cybersecurity Maturity Model Certification (CMMC) Program that not only finalizes the long-anticipated CMMC Rule but also foreshadows what...more

Paul Hastings LLP

U.S. Department of Defense Set to Implement Its Cybersecurity Maturity Model Certification Program With Publication of New Rule

Paul Hastings LLP on

On October 15, 2024, the Department of Defense (“DoD”) published the final version of its rule implementing the Cybersecurity Maturity Model Certification (“CMMC”) Program under Title 32 of the Code of Federal Regulations...more

BakerHostetler

CMMC Barrels Closer to Implementation with Latest Proposed Rule Establishing DFARS Contract Clauses

BakerHostetler on

Cybersecurity Maturity Model Certification (CMMC) is coming — and now appears to be coming faster than many defense contractors believed. In the latest signal of CMMC’s forward momentum, the Department of Defense (DoD) issued...more

American Conference Institute (ACI)

CMMC 2.0 and FOCI Assessments: Preparing for What Lies Ahead

Defense contractors and subcontractors that handle Controlled Unclassified Information (CUI) and do not have robust information-security system controls in place better get their house in order now if they want to do business...more

McCarter & English Blog: Government Contracts...

DoD’s Proposed CMMC Rule: Groundhog Day… or a Final Rule in the Works?

On December 26, 2023, the Department of Defense (“DoD”) belatedly gifted defense contractors and subcontractors a Proposed Rule on the Cybersecurity Maturity Model Certification (“CMMC”) Program. DoD also released eight CMMC...more

Goodwin

CMMC 2.0: Defense Contractors Get Ready

Goodwin on

The US Department of Defense (DoD) has issued a proposed rule to implement its long-awaited Cybersecurity Maturity Model Certification program (CMMC 2.0). This proposed rule — released on December 26, 2023, and published in...more

Pillsbury Winthrop Shaw Pittman LLP

Department of Defense Delivers Highly Anticipated CMMC Proposed Rule

The proposed rule requires contractors to make annual affirmations regarding their cybersecurity maturity, thus increasing their risk of False Claims Act Liability. The proposed rule allows for limited use of Plans of...more

McDermott Will & Schulte

CMMC From the Bottom Up: A Detailed Review of Level 1

In this series of articles, we explore the different certification requirements of CMMC Level 1, 2 and 3, the impact on contractors and external service providers, and proposed next steps... On December 26, 2023, the US...more

Venable LLP

The New CMMC Rule: FAQs for Federal Contractors and Subcontractors

Venable LLP on

The Department of Defense (DoD) delivered its proposed Cybersecurity Maturity Model Certification Program rule (CMMC) the day after Christmas this year, including several related guidance documents (listed here). The proposed...more

Morrison & Foerster LLP - Government...

The FAR Council’s Proposed Cybersecurity Overhaul: Lots Of Questions, But Only Some Answers

In what can best be described as a tsunami of cybersecurity regulation, the Federal Acquisition Regulation (FAR) Council—consisting of the Department of Defense (DoD), General Services Administration (GSA), and National...more

Foley & Lardner LLP

Department of Defense Formally Implements Cybersecurity Maturity Model Certification Requirements for Department of Defense...

Foley & Lardner LLP on

On November 30, 2020, the U.S. Department of Defense (“DoD”) will begin to roll out the new Cybersecurity Maturity Model Certification (“CMMC”) framework that eventually will require all DoD contractors, subcontractors, and...more

Pillsbury Winthrop Shaw Pittman LLP

DoD Has Released Model Version 1.0 of the Cyber Maturity Model Certification Framework

- DoD has released the final version of the CMMC framework. - DoD anticipates that CMMC requirements will appear in a limited number of solicitations starting in October 2020 and that they will appear in all DoD...more

McDermott Will & Schulte

Tackling Increased Cybersecurity Requirements in the Defense Industrial Base

On January 30, the US Department of Defense (DoD) released version 1.0 of the Cybersecurity Maturity Model Certification (CMMC) framework, which will require DoD contractors and subcontractors to obtain third-party...more

Akin Gump Strauss Hauer & Feld LLP

DOD and Other Agencies Seek to Enhance Contractors’ Cyber and Supply Chain Security

The Department of Defense (DOD) and its component services and agencies are taking several independent steps to assess and enhance their cyber and supply chain security that will directly or indirectly affect DOD contractors...more

Holland & Knight LLP

DoD's New Cybersecurity and Cloud Standards and Reporting Requirements

Holland & Knight LLP on

The Department of Defense (DoD) released interim rules implementing provisions of the 2013 and 2015 National Defense Authorization Acts. The rules, released on Aug. 26, 2015, are effective immediately and establish the...more

21 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide