News & Analysis as of

Cybersecurity Cybersecurity Maturity Model Certification (CMMC) Federal Acquisition Regulations (FAR)

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
McCarter & English Blog: Government Contracts...

The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters

McCarter & English Blog: Government Contracts... on

On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more

Goodwin

Crossing Administrations: The Focus on Federal Cybersecurity Continues

Goodwin on

Federal contractors, including defense contractors, should prepare for the emergence of new requirements in the coming months that are designed to strengthen software supply chain security, impose more stringent cybersecurity...more

Womble Bond Dickinson

Navigating CMMC Compliance and Key Insights from the National 8(a) Small Business Conference

Womble Bond Dickinson on

The recent National 8(a) Small Business Conference underscored pressing challenges and critical updates regarding the Cybersecurity Maturity Model Certification (CMMC) Program, now in an advanced phase known as CMMC 2.0. The...more

Sheppard Mullin Richter & Hampton LLP

At Long Last – The FAR CUI Rule is Here! 

Sheppard Mullin Richter & Hampton LLP on

The wait is finally over! After more than 14 years of anticipation, the Federal Acquisition Regulation (“FAR”) Proposed Rule on Controlled Unclassified Information (“CUI”) was released on January 15, 2025 and comes as part of...more

Woods Rogers

FAR Council Publishes Proposed Rule Imposing New Security Requirements on Contractors Handling CUI

Woods Rogers on

On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more

McCarter & English Blog: Government Contracts...

They Did It. They Really Did It! The Arrival of the FAR CUI Proposed Rule

McCarter & English Blog: Government Contracts... on

After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more

Sheppard Mullin Richter & Hampton LLP

Governmental Practice Cybersecurity and Data Protection: 2024 Recap & 2025 Forecast Alert

Sheppard Mullin Richter & Hampton LLP on

To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more

Wiley Rein LLP

Federal Cybersecurity Policy in 2025: What to Watch in Changing Times

Wiley Rein LLP on

Last year we made some predictions about 2024’s cyber landscape and major issues. Several proved prescient, with incident reporting, CISO scrutiny, SEC aggression, and new regulation of various sectors taking shape as the...more

Wiley Rein LLP

Updates on Cybersecurity Requirements for Government Contractors

Wiley Rein LLP on

Part of the Biden Administration’s push to enhance U.S. cybersecurity capabilities has focused on imposing new requirements on government contractors. The 2023 National Cybersecurity Strategy suggested, for example, that...more

BakerHostetler

The DoD’s CMMC Rule Is Out: What Comes Next?

BakerHostetler on

On October 15, 2024, the Department of Defense (DoD) published the final rule for the Cybersecurity Maturity Model Certification (CMMC) Program that not only finalizes the long-anticipated CMMC Rule but also foreshadows what...more

Bass, Berry & Sims PLC

DoD Announces Cybersecurity Maturity Model Certification 2.0 Final Rule (Finally!)

Bass, Berry & Sims PLC on

After numerous fits and starts, on October 14, the Department of Defense (DoD) published a final rule implementing the Cybersecurity Maturity Model Certification (CMMC) program. Borne from documented deficiencies in the...more

Alston & Bird

Summary of Changes from DoD CMMC Proposed Rule to Final Rule

Alston & Bird on

The CMMC program is designed to ensure that federal contract information (“FCI”) and Controlled Unclassified Information (“CUI”) are sufficiently protected by government contractors.  For example, the CMMC program requires...more

Faegre Drinker Biddle & Reath LLP

Department of Defense Establishes New Cybersecurity Maturity Model Certification (CMMC) Program

Faegre Drinker Biddle & Reath LLP on

Following a multi-year rollout process, the U.S. Department of Defense published a final rule on October 15, 2024, establishing its Cybersecurity Maturity Model Certification Program to protect sensitive unclassified...more

Paul Hastings LLP

U.S. Department of Defense Set to Implement Its Cybersecurity Maturity Model Certification Program With Publication of New Rule

Paul Hastings LLP on

On October 15, 2024, the Department of Defense (“DoD”) published the final version of its rule implementing the Cybersecurity Maturity Model Certification (“CMMC”) Program under Title 32 of the Code of Federal Regulations...more

McGuireWoods LLP

DoD Issues Final CMMC Framework for Defense Contractors

McGuireWoods LLP on

After a nearly five-year rulemaking process, the U.S. Department of Defense (DoD) published the Final Cybersecurity Maturity Model Certification 2.0 (CMMC) program rule in the Federal Register on Oct. 15, 2024, codified at 32...more

Cozen O'Connor

Department of Defense Publishes Final Rule on Cybersecurity Maturity Model Certification

Cozen O'Connor on

On October 15, 2024, the Department of Defense (DoD) published the long-anticipated first part of its final rule (the Final Rule) for the Cybersecurity Maturity Model Certification (CMMC) program. After the implementation of...more

Maynard Nexsen

DOD Finalizes CMMC 2.0 Program Final Rule

Maynard Nexsen on

On Tuesday, October 15, 2024, the U.S. Department of Defense (“DOD”) issued its final rule for its much anticipated Cybersecurity Maturity Model Certification (“CMMC”) program. The CMMC program will eventually require one of...more

Troutman Pepper Locke

Federal Cybersecurity Requirements Ought Not Be Ignored by Contractors

Troutman Pepper Locke on

Since 2016, the federal government has implemented numerous procurement regulations and associated contract clauses to address cybersecurity by requiring contractors to adopt various controls and standards to protect...more

BakerHostetler

CMMC Barrels Closer to Implementation with Latest Proposed Rule Establishing DFARS Contract Clauses

BakerHostetler on

Cybersecurity Maturity Model Certification (CMMC) is coming — and now appears to be coming faster than many defense contractors believed. In the latest signal of CMMC’s forward momentum, the Department of Defense (DoD) issued...more

Mayer Brown

US DoD Proposes Final Rule to Incorporate Contractual Requirements for the Cybersecurity Maturity Model Certification (CMMC)

Mayer Brown on

On August 15, 2024, the Department of Defense (DoD) published a proposed rule to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to incorporate contractual requirements related to the Cybersecurity...more

Woods Rogers

DOD’s CMMC 2.0 Program Takes Step Forward with Release of Contract Rule Proposal

Woods Rogers on

The United States Department of Defense (DoD) took another big step on the path to instituting its highly anticipated Cybersecurity Maturity Model Certification 2.0 program (CMMC 2.0). Once finalized, CMMC 2.0 will establish...more

Sheppard Mullin Richter & Hampton LLP

The CMMC Rule To Update the DFARS is Here!

Sheppard Mullin Richter & Hampton LLP on

The proposed rule to implement the Cybersecurity Maturity Model Certification (“CMMC”) program in the Defense Federal Acquisition Regulation Supplement (“DFARS”) was published in the Federal Register on August 15, 2024 and...more

Wiley Rein LLP

CMMC 2.0 Update: DOD Proposed Rule Introduces Standard Terms for Contracts Subject to CMMC 2.0, Including Yet Another 72-Hour...

Wiley Rein LLP on

WHAT: The U.S. Department of Defense (DOD) just published the second of two proposed rules setting forth key requirements for its long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 program. The earlier...more

PilieroMazza PLLC

Win or Lose: Using CMMC 2.0 Proposed Rule to Position Yourself for DOD Contracts

PilieroMazza PLLC on

The Cybersecurity Maturity Model Certification (CMMC) Program has been a headache for many defense contractors since the idea was first introduced in 2019. The program seeks to protect unclassified information, including...more

McCarter & English Blog: Government Contracts...

NIST SP 800-171 Revision 3 Goes Final: Who’s Down with ODP?

McCarter & English Blog: Government Contracts... on

On May 14, 2024, the National Institute of Standards and Technology (NIST) dropped the third remix…er, revision…of its Special Publication (SP) 800-171, “Protecting Controlled Unclassified Information in Nonfederal Systems...more

65 Results
 / 
View per page
Page: of 3
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide