News & Analysis as of May 6, 2025

Department of Defense (DOD)

+ Follow

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now. less -

The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters

McCarter & English Blog: Government Contracts... on 4/28/2025

On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more

Government Contractors Beware: Failure to Comply with DOD Cybersecurity Requirements Can Trigger Civil FCA Liability

Fox Rothschild LLP on 4/18/2025

The Department of Justice (DOJ) recently reached a $4.6 million civil False Claims Act (FCA) settlement with MORSECORP, Inc. (MORSE) arising out of allegations that the company failed to comply with Department of Defense...more

FAR Proposed Controlled Unclassified Information Rule: A Path Toward Standardization

Cozen O'Connor on 2/21/2025

On January 15, 2025, the FAR Council finally released a proposed rule (the Rule)1 regulating the use and handling of controlled unclassified information (CUI) as a part of the general strategy to reduce threats of...more

New CMMC 2.0 Guidance Issued

Morris, Manning & Martin, LLP on 2/19/2025

The Department of Defense (DoD) recently issued a memo titled, "Implementing the Cybersecurity Maturity Model Certification (CMMC) Program: Guidance for Determining Appropriate CMMC Compliance Assessment Levels and Process...more

The FY 2025 National Defense Authorization Act: What’s New for Defense Contractors

Perkins Coie on 1/30/2025

The recently passed National Defense Authorization Act (NDAA or Act) for Fiscal Year 2025 addresses recurring areas of focus relevant to defense contracting, including supply chain risks related to China, organizational...more

Proposed Regulation on Controlled Unclassified Information Standardizes Process for CUI Identification and Handling Across Federal...

Morrison & Foerster LLP - Government... on 1/24/2025

The Federal Acquisition Regulation (FAR) Council issued its long awaited proposed rule on Controlled Unclassified Information (CUI) on January 15, 2025. The proposed rule establishes a common form to be used by all federal...more

Client Alert: FAR Council Issues Long-Awaited Proposed Rule to Implement Controlled Unclassified Information Program

Jenner & Block on 1/22/2025

On January 15, 2025, the Department of Defense (DOD), General Services Administration (GSA), and the National Aeronautics and Space Administration (NASA) (collectively, “the FAR Council”) issued a long-anticipated proposed...more

After a Short 15-Year Wait, the Government Finally Tries to Define What the Heck Controlled Unclassified Information (CUI)...

Kilpatrick on 1/17/2025

Over the last two decades, federal contractors have been frustrated by the Government’s hodgepodge approach to regulating Controlled Unclassified Information (CUI). Various agencies have implemented differing definitions,...more

They Did It. They Really Did It! The Arrival of the FAR CUI Proposed Rule

McCarter & English Blog: Government Contracts... on 1/17/2025

After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more

Governmental Practice Cybersecurity and Data Protection: 2024 Recap & 2025 Forecast Alert

Sheppard Mullin Richter & Hampton LLP on 1/8/2025

To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more

Federal Cybersecurity Policy in 2025: What to Watch in Changing Times

Wiley Rein LLP on 1/7/2025

Last year we made some predictions about 2024’s cyber landscape and major issues. Several proved prescient, with incident reporting, CISO scrutiny, SEC aggression, and new regulation of various sectors taking shape as the...more

DoD Issues Proposed Rule for New Disclosures on Foreign Review of Computer Code

Sheppard Mullin Richter & Hampton LLP on 12/16/2024

On November 15, 2024, the Department of Defense (“DoD”) issued a long-awaited Proposed Rule to implement Section 1655 of the National Defense Authorization Act for Fiscal Year 2019. Section 1655 prohibits DoD from...more

The CMMC 2.0 Program Has Arrived!

Goodwin on 12/9/2024

On October 15, 2024, the U.S. Department of Defense (DoD) published a Final Rule implementing the Cybersecurity Maturity Model Certification (CMMC) 2.0 Program....more

Penn State, GA Tech Cybersecurity Cases Join 10 Others FCA Attorney Has Under Seal

Health Care Compliance Association (HCCA) on 12/9/2024

Note to research compliance officials still digesting news of Pennsylvania State’s recent $1.25 million settlement over False Claims Act (FCA) allegations related to cybersecurity and the government’s recent intervention in a...more

DoD Releases Final CMMC Program Rule, Formally Initiating Its Cybersecurity Program

Vinson & Elkins LLP on 11/22/2024

On October 15, 2024, the Department of Defense (“DoD”) released its final rule (the “Final Rule”) formally establishing the Cybersecurity Maturity Model Certification (“CMMC”) program, nearly three years after first...more

Updates on Cybersecurity Requirements for Government Contractors

Wiley Rein LLP on 11/22/2024

Part of the Biden Administration’s push to enhance U.S. cybersecurity capabilities has focused on imposing new requirements on government contractors. The 2023 National Cybersecurity Strategy suggested, for example, that...more

DOD Finalizes Cybersecurity Maturity Model Certification Program Requirements

Morgan Lewis on 11/21/2024

The US Department of Defense (DOD) finalized a rule that takes the next steps toward fully implementing the Cybersecurity Maturity Model Certification (CMMC) 2.0 program. This rule formalizes compliance requirements that will...more

The Cybersecurity Maturity Model Certification Program – Defense Contractors Must Rapidly Prepare and Implement

K&L Gates LLP on 11/20/2024

The Department of Defense (DoD) has officially launched the Cybersecurity Maturity Model Certification (CMMC) Program, which requires federal contractors and subcontractors across the Defense Industrial Base (DIB) to comply...more

DoD Announces Cybersecurity Maturity Model Certification 2.0 Final Rule (Finally!)

Bass, Berry & Sims PLC on 11/12/2024

After numerous fits and starts, on October 14, the Department of Defense (DoD) published a final rule implementing the Cybersecurity Maturity Model Certification (CMMC) program. Borne from documented deficiencies in the...more

CMMC 2.0: Department of Defense Publishes Final Rule to Establish its Cybersecurity Maturity Model Certification 2.0 Program

Polsinelli on 11/6/2024

After years in the making, on October 15, 2024, the U.S. Department of Defense (DoD) published its final rule to establish the Cybersecurity Maturity Model Certification (CMMC) Program, amending Title 32 of the Code of...more

DOJ Continues Crackdown on Cybersecurity Compliance with $1.25M FCA Settlement

Wiley Rein LLP on 10/29/2024

The Department of Justice (DOJ) secured another win for its Civil Cyber-Fraud Initiative last week when it resolved a False Claims Act (FCA) action[1] alleging Pennsylvania State University (Penn State) failed to comply with...more

Department of Defense Establishes New Cybersecurity Maturity Model Certification (CMMC) Program

Faegre Drinker Biddle & Reath LLP on 10/28/2024

Following a multi-year rollout process, the U.S. Department of Defense published a final rule on October 15, 2024, establishing its Cybersecurity Maturity Model Certification Program to protect sensitive unclassified...more

Final DoD Cybersecurity Maturity Model Certification Rule Will Bring Compliance Challenges, Increased False Claims Act Risk

WilmerHale on 10/25/2024

On October 11, 2024, the U.S. Department of Defense (DoD) at long last published a final rule establishing the Cybersecurity Maturity Model Certification (CMMC) Program (the Final Rule)...more

U.S. Department of Defense Set to Implement Its Cybersecurity Maturity Model Certification Program With Publication of New Rule

Paul Hastings LLP on 10/24/2024

On October 15, 2024, the Department of Defense (“DoD”) published the final version of its rule implementing the Cybersecurity Maturity Model Certification (“CMMC”) Program under Title 32 of the Code of Federal Regulations...more

DoD Issues Final CMMC Framework for Defense Contractors

McGuireWoods LLP on 10/24/2024

After a nearly five-year rulemaking process, the U.S. Department of Defense (DoD) published the Final Cybersecurity Maturity Model Certification 2.0 (CMMC) program rule in the Federal Register on Oct. 15, 2024, codified at 32...more

266 Results

View per page

Page: of 11

Cybersecurity › DFARS › Department of Defense (DOD)

"My best business intelligence, in one easy email…"