When it introduced CMMC 2.0 in 2021, the United States Department of Defense signaled that it was simultaneously both softening some of the requirements that were in early versions of its Cybersecurity Maturity Model Certification (“CMMC”) program and taking a more structured approach to implementing CMMC. As part of that structured implementation, DoD formalized CMMC by crafting an…
The United States Department of Defense recently published a notice that a new rule, DFARS 252.204-7024, will be published soon. In her recent article (available here for free), Sara Friedman publishes analysis of that new rule, including comments from Robert Metzger, Eric Crusius, and me. The biggest takeaway I see is that DoD is laying a foundation for…
Background Over the past few years, the US federal government has been gradually trying to improve its cybersecurity program, and has been encouraging contractors to do the same. The US Department of Defense led the way in these efforts, including through a variety of initiatives like DFARS 252.204-7012 and the Cybersecurity Maturity Model Certification (“CMMC”) program. The CMMC program…
Thank you, DoD, for showing us that you listen. In 2019 you listened and quickly created CMMC from the ether to answer a monumental need to secure our country’s supply chain. You showed you were listening again last week when you changed CMMC to address the concerns from contractors who felt CMMC 1.x was overly…
End of content
End of content
© 2024 FutureFeed.co. All rights reserved.
Disclaimer: The appearance of U.S. Department of Defense (DoD) visual information does not imply or constitute DoD endorsement.
© 2024 FutureFeed.co. All rights reserved.
Disclaimer: The appearance of U.S. Department of Defense (DoD) visual information does not imply or constitute DoD endorsement.