On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more
4/28/2025
/ Compliance ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Contracts ,
Department of Defense (DOD) ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Government Agencies ,
New Guidance ,
NIST ,
Regulatory Requirements ,
Subcontractors ,
Supply Chain
After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more
1/17/2025
/ Compliance ,
Controlled Unclassified Information (CUI) ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Protection ,
Department of Defense (DOD) ,
DFARS ,
Employee Training ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NARA ,
NIST ,
Proposed Rules ,
Risk Management ,
Software ,
Subcontractors ,
Supply Chain ,
System For Award Management (SAM)
Over the course of the past few years, gallons of ink have been spilled addressing the seemingly ever-pending US Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) Program. After keeping us...more
On May 14, 2024, the National Institute of Standards and Technology (NIST) dropped the third remix…er, revision…of its Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems...more
On December 26, 2023, the Department of Defense (“DoD”) belatedly gifted defense contractors and subcontractors a Proposed Rule on the Cybersecurity Maturity Model Certification (“CMMC”) Program. DoD also released eight CMMC...more
2/14/2024
/ Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Contracts ,
Department of Defense (DOD) ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NIST ,
Proposed Rules ,
Risk Assessment ,
Risk Management ,
Subcontractors
Hollywood is full of them. And unless you are trapped on the Planet of the Apes, caught on the 3:10 to Yuma, or running from Godzilla, you’ve probably seen a movie reboot or two over the past two decades. The term generally...more
After months of review, on November 4, 2021, the Department of Defense (DoD) finally unveiled its new version of the Cybersecurity Maturity Model Certification (CMMC 2.0). Well, almost. In a blink-and-you’ll-miss-it moment,...more
There’s an often mistranslated Taoist adage that counsels “A journey of a thousand miles begins with a single step.” So it is presently with the Department of Defense’s (DoD’s) Cybersecurity Maturity Model Certification...more