Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Marti Arvin and Anthony Buenger on the CMMC Framework
The U.S. Department of Defense (DoD) recently issued a memorandum signaling that defense contractors soon will be required to comply with new cybersecurity compliance requirements. The memorandum establishes...more
On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more
Earlier this year, the FAR Council issued a proposed rule to implement the Controlled Unclassified Information (CUI) Program as it relates to federal contracts. The proposed rule is "just one element of a larger strategy to...more
On January 15, 2025, the Department of Defense (DOD), General Services Administration (GSA), and the National Aeronautics and Space Administration (NASA) (collectively, “the FAR Council”) issued a long-anticipated proposed...more
On December 26, 2023, the US Department of Defense (DoD) published its long-awaited proposed rule codifying the Cybersecurity Maturity Model Certification (CMMC) Program. The proposed CMMC rule will apply to all DoD...more
2019 has been a year of pivotal developments for defense contractors in the realm of cybersecurity compliance. The Department of Defense (DoD) issued six guidance memoranda to assist its acquisition personnel in developing...more