Cybersecurity Insights: Updates on CMMC Implementation and CUI Identification
Marti Arvin and Anthony Buenger on the CMMC Framework
The wait is finally over! After more than 14 years of anticipation, the Federal Acquisition Regulation (“FAR”) Proposed Rule on Controlled Unclassified Information (“CUI”) was released on January 15, 2025 and comes as part of...more
After numerous fits and starts, on October 14, the Department of Defense (DoD) published a final rule implementing the Cybersecurity Maturity Model Certification (CMMC) program. Borne from documented deficiencies in the...more
Less than 10 months after the issuance of its proposed rule, DoD has issued this final rule establishing the CMMC program. DoD’s issuance of the final rule demonstrates the government’s continued commitment to...more
On Tuesday, October 15, 2024, the U.S. Department of Defense (“DOD”) issued its final rule for its much anticipated Cybersecurity Maturity Model Certification (“CMMC”) program. The CMMC program will eventually require one of...more
On June 21, the Department of Homeland Security (DHS) published a final rule to implement security measures that safeguard controlled unclassified information (CUI) from unauthorized access and disclosure and improve incident...more
The government recently finalized a sweeping amendment to the Federal Acquisition Regulation (“FAR”) that will impose basic information system safeguarding requirements on many federal acquisitions, marking the latest in the...more
LABOR AND EMPLOYMENT - Overtime Final Rule - The Department of Labor issued its final overtime rule which updates the salary level required for the executive, administrative, and professional (“white collar”)...more
On May 16, 2016, the Federal Acquisition Regulations (“FAR”) Council published the final FAR rule on Basic Safeguarding of Contractor Information Systems. The rule is intended to prescribe “the most basic level” of...more