Blog

On June 16, 2022, the Department of Defense ("DoD") issued a memorandum on cybersecurity compliance, Contractual Remedies to Ensure Contractor Compliance with Defense Federal Acquisition Regulation Supplement Clause 252.204-7012, for contracts and orders not subject to Clause 252.204-7020; and Additional Considerations Regarding National Institute of Standards and Technology Special Publication 800-171 Department of Defense Assessments. The memo is important for defense contractors because it reminds procuring officials of alternative remedies and tools that are ...

Yesterday, the Department of Defense ("DoD") announced Version 2.0 of the Cybersecurity Maturity Model Certification ("CMMC") Program. Notably, CMMC 2.0 maintains the original CMMC 1.X Program's goal of safeguarding sensitive information, while:

• Simplifying the CMMC standard and providing additional clarity on cybersecurity regulatory, policy, and contracting requirements;
• Focusing the most advanced cybersecurity standards and third-party assessment requirements on companies supporting the highest priority programs; and
• Increasing Department oversight of ...