Helping individuals, companies, and organizations understand key legal and practical considerations for promoting compliance and making better business decisions in these types of federal, state, and local government contracting matters MORE

Cyber, Data Security, and Privacy

Subscribe to Cyber, Data Security, and Privacy

Last month we reported on the Department of Defense’s (DoD’s) issuance of Version 0.6 of its draft Cybersecurity Maturity Model Certification (CMMC) standard. That draft included DoD updates and revisions to CMMC’s domains, capabilities and practices for Levels 1 through 3. It deferred revisions to those parts of CMMC covering Levels 4 and 5. On

Previously we reported on the Department of Defense (‘DoD”) efforts to develop a Cybersecurity Maturity Model Certification (“CMMC”) program to verify the status of contractor cybersecurity and compliance. The CMMC program contemplates that third party auditors will be qualified and retained to review and certify contractors and suppliers at all tiers on their levels of

In the face of increasing concern over the security of Navy and Marine Corps (Navy) programs, the Navy Marine Corps Acquisition Regulation Supplement (NMCARS) was updated on September 6, 2019 to incorporate significant additional cybersecurity compliance, monitoring and reporting requirements, as well as identify potential penalties for contractor noncompliance with cybersecurity requirements or delivery of

Comments Due September 25, 2019

Earlier this year, Assistant Secretary of Defense for Acquisition & Logistics Kevin Fahey announced that the Department of Defense (“DoD”) was working with Carnegie Mellon University and Johns Hopkins Applied Physics Laboratory to develop a new cybersecurity standard and certification framework for defense contractors, the Cybersecurity Maturity Model Certification (“CMMC”).