Cybersecurity, Privacy, & AI

Trending Now

AI Directive Focuses Patching Efforts on ‘Highest Risk’ Vulnerabilities • OpenAI: ‘Likely’ Chinese Influence Operation Tried to Use ChatGPT to Stir Debate on Data Centers • Executive Order on “Promoting Advanced Artificial Intelligence Innovation and Security” • GSA Playing Catch-Up With Industry on AI and Tech, Agency Head Says • Warner Proposes Overhaul of Critical Infrastructure Cyber Plans as AI Threats Rise

Published on December 7, 2021 • Cyber

CMMC 2.0: Giving Defense Contractors More Time to Do Less (on Cybersecurity)

Song_about_summer | Shutterstock

On November 17, 2021, the Department of Defense published an advanced notice of proposed rulemaking in connection with announced changes to the CMMC for the defense industrial base, styled “CMMC 2.0.” Although these changes appear to lessen the burden on contractors (granting more time while reducing requirements), defense contractors are nonetheless well advised to proactively manage cybersecurity threats. Questions contractors are asking include:

Which compliance levels must I meet, and what are the exact requirements?
Will the Government provide financial assistance for small businesses that would be forced out of the defense industrial base if required to foot the entire assessment process bill?
Will there be enough C3PAOs to conduct timely assessments for the tens of thousands of companies that may ultimately need them since the CMMC Accreditation Body’s website lists only 5 accredited C3PAOs so far?
How will CMMC 2.0 affect non-US companies?
What impact will the anticipated GAO report have on the program?
Can the attestation required for self-certification be the basis for a False Claims Act prosecution?

Source:

Arent Fox: CMMC 2.0: Giving Defense Contractors More Time to Do Less (on Cybersecurity)

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.