CMMC 2.0: 7 Key Takeaways to Help Government Contractors Prepare

LeoWolfert | Shutterstock

On November 4, 2021, the Department of Defense (DOD) dropped a bombshell press release stating it plans to retract the Cybersecurity Maturity Model Certification (CMMC) 1.0 and replace it with a simplified, streamlined 2.0. The press release does not explain how DOD plans to simplify and streamline CMMC, but an Advance Notice of Proposed Rulemaking issued concurrently with the press release (and removed later the same day) contains some insights into the key changes DOD intends to make.  PilieroMazza’s Cybersecurity & Data Privacy Group offers 7 key takeaways government contractors need to know to prepare for CMMC 2.0.