Tag Archives: CMMC

Department of Defense’s Interim Rule Imposes New Assessment Requirements But is Short on Detail on Implementation of CMMC

On September 29, 2020, the Department of Defense (DoD) released an interim rule that industry hoped would provide clear guidance with regard to DoD’s implementation of its Cybersecurity Maturity Model Certification (CMMC) framework.  The vast majority of the rule focuses on DoD’s increased requirements for confirming that contractors are currently in compliance with all 110 … Continue Reading

National Institute for Standards and Technology Releases Draft of NIST SP 800-172

The National Institute for Standards and Technology released the draft of NIST Special Publication 800-172 (“NIST SP 800-172”) on July 6, 2020.  This draft special publication succeeds the prior draft NIST SP 800-171B that NIST published in June 2019, and operates as a supplement to the NIST SP 800-171 controls that federal contractors generally must … Continue Reading

A Closer Look at Version 1.0 of DoD’s Cybersecurity Maturity Model Certification

On January 31, the Department of Defense (“DoD”) released Version 1.0 of its Cybersecurity Maturity Model Certification (“CMMC”).  This is the fourth iteration of the CMMC that DoD has publicly released since it issued the first draft in October, and it is intended to be the version that auditors will be trained against, and that … Continue Reading

DoD Announces the Release of CMMC Version 1.0

On Friday January 31, 2020, Ellen Lord, Under Secretary of Defense for Acquisition and Sustainment, Kevin Fahey, Assistant Secretary of Defense for Acquisition, and Katie Arrington, the Chief Information Security Officer for the Department of Defense (“DoD”), briefed reporters on the release of the Cybersecurity Maturity Model Certification (“CMMC”) Version 1.0.  We have discussed draft … Continue Reading

DoD Releases Version 0.7 of Its Cybersecurity Maturity Model Certification

On December 13, the Department of Defense (“DoD”) released the latest version of its Cybersecurity Maturity Model Certification (“CMMC”).  This is the third iteration of the draft model that DoD has publicly released since it issued the first draft in October.  (We previously discussed Version 0.4 and Version 0.6 of the CMMC in prior blog … Continue Reading

DoD Releases Version 0.6 of its Cybersecurity Maturity Model Certification

On November 7, the Office of the Assistant Secretary of Defense for Acquisition released Version 0.6 of its draft Cybersecurity Maturity Model Certification (CMMC) for public comment. The CMMC was created in response to growing concerns by Congress and within DoD over the increased presence of cyber threats and intrusions aimed at the Defense Industrial … Continue Reading

DoD Releases Public Draft of Cybersecurity Maturity Model Certification and Seeks Industry Input

On September 4, the Office of the Assistant Secretary of Defense for Acquisition released Version 0.4 of its draft Cybersecurity Maturity Model Certification (CMMC) for public comment.  The CMMC was created in response to growing concerns by Congress and within DoD over the increased presence of cyber threats and intrusions aimed at the Defense Industrial … Continue Reading
LexBlog