Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
[Podcast] Cybersecurity Maturity Model Certification (CMMC) 2.0 – What Federal Contractors Need To Know
Marti Arvin and Anthony Buenger on the CMMC Framework
If you are a trade and legal compliance decision-maker, where can you go to learn, expand your export controls brain trust, and strengthen your strategy? At ACI’s Advanced Forum on Global Export Controls, you’ll connect...more
2025 has been an exceptionally active year for U.S. government contractors and grant recipients. The combination of executive orders, regulatory changes and legislative updates that have reshaped procurement, industrial...more
November 2025 has been a busy month for cybersecurity rules affecting government contractors. The long-awaited Cybersecurity Maturity Model Certification (CMMC) Program went into effect on November 10. We are now seeing the...more
On Nov. 10, 2025, the long-awaited final rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) to implement the Cybersecurity Maturity Model Certification (CMMC) program became effective. This rule,...more
On November 10, 2025, the Department of Defense (DoD), also referred to as the Department of War (DoW), officially began rolling out its Cybersecurity Maturity Model Certification (CMMC) Final Rule, marking the start of the...more
This alert serves to remind contractors of the much-ballyhooed Cybersecurity Maturity Model Certification (CMMC) and updates our previous articles on the Department of Defense’s (DoD) proposed CMMC Program rule and DoD’s...more
Our Privacy, Cyber & Data Strategy Team breaks down the Department of Defense’s finalized Cybersecurity Maturity Model Certification (CMMC) rule, which establishes a tiered compliance framework that will soon be mandatory for...more
After half a decade of development and review, the U.S. Department of Defense (DoD) will implement contracting regulations, effective November 10, 2025, making the Cybersecurity Maturity Model Certification (CMMC) Program a...more
Colleges and universities are increasingly engaged in complex relationships with the federal government — through contracts, cooperative agreements, and research grants that fund everything from infrastructure and...more
The U.S. Department of Justice (“DOJ”) has kept busy in pursuing cybersecurity-related fraud in government contracts resulting in seven settlements. These settlements illustrate the continuing need for contractors to...more
The Department of Defense (DoD) has finalized its game-changing Cybersecurity Maturity Model Certification (CMMC) rules, ushering in a new era of accountability for the Defense Industrial Base. The timeline is now very short:...more
The U.S. Department of Defense released the final rule implementing the Cybersecurity Maturity Model Certification on Sept. 9. Through the program, the DOD seeks to enhance protections for sensitive information. Originally...more
Notwithstanding Executive Orders to reduce federal rules affecting industry in effect today, the Department of Defense (DOD) recently enacted new regulations by finalizing the Cybersecurity Maturity Model Certification (CMMC)...more
Since 2004, October has marked Cybersecurity Awareness Month and for more than 15 years Wiley’s team of cybersecurity, tech, and government contracts experts has been helping organizations manage cyber risk. On October 21, as...more
On September 10, the U.S. Department of Defense (DOD) posted its final rule implementing the Cybersecurity Maturity Model Certification (CMMC) program for defense acquisitions. This new rule (acquisition rule) updates the...more
The Federal Acquisition Regulatory Council (FAR Council) released its Spring 2025 regulatory agenda as part of the government-wide Unified Agenda of Regulatory and Deregulatory Actions, unveiling a slimmed-down list of...more
On September 9, 2025, the Department of Defense issued a long-awaited final rule regarding the Cybersecurity Maturity Model Certification (CMMC). This final rule which has been published in the Federal Register and amended...more
The wait is finally over, and U.S. Department of Defense (DoD) contractors need to be prepared. On September 10, 2025, DoD posted a final rule that will officially make Cybersecurity Maturity Model Certification (CMMC) a...more
On September 10, 2025, the Department of Defense (DoD) issued a Final Rule officially incorporating the Cybersecurity Maturity Model Certification (CMMC) Program into the Defense Federal Acquisition Regulation Supplement...more
On September 10, 2025, the U.S. Department of Defense (DoD) published a final rule that will shake up cybersecurity compliance for DoD contractors. The new rule formally incorporates the Cybersecurity Maturity Model...more
The U.S. Department of Defense (DOD) issued a final rule this month that fundamentally changes eligibility for DOD procurement by tying contract awards directly to cybersecurity readiness....more
WHAT: The U.S. Department of Defense (DOD) this month published the second of two final rules needed to begin phasing in the long-awaited Cybersecurity Maturity Model Certification (CMMC) Program. This final rule amends the...more
In August 2024, The Department of Defense (DoD) released a proposed amendment to the Defense Acquisition Regulations Supplement (DFARS) – which provides acquisition policies and procedures for the DoD – that would require a...more
The Cybersecurity Maturity Model Certification (CMMC) has been a long-anticipated framework designed to bolster cybersecurity across the defense industrial base. After extensive development and revisions, the Department of...more
The Department of Defense (DoD) recently finalized a new rule, to be codified at Defense Federal Acquisition Regulation Supplement (DFARS) 252.204-7021 (contract clause) and 252.204-7025 (solicitation provision), which will...more