Previously we reported on the Department of Defense (‘DoD”) efforts to develop a Cybersecurity Maturity Model Certification (“CMMC”) program to verify the status of contractor cybersecurity and compliance. The CMMC program contemplates that third party auditors will be qualified and retained to review and certify contractors and suppliers at all tiers on their levels ofRead More
In the face of increasing concern over the security of Navy and Marine Corps (Navy) programs, the Navy Marine Corps Acquisition Regulation Supplement (NMCARS) was updated on September 6, 2019 to incorporate significant additional cybersecurity compliance, monitoring and reporting requirements, as well as identify potential penalties for contractor noncompliance with cybersecurity requirements or delivery ofRead More
Comments Due September 25, 2019 Earlier this year, Assistant Secretary of Defense for Acquisition & Logistics Kevin Fahey announced that the Department of Defense (“DoD”) was working with Carnegie Mellon University and Johns Hopkins Applied Physics Laboratory to develop a new cybersecurity standard and certification framework for defense contractors, the Cybersecurity Maturity Model Certification (“CMMC”).Read More