Cybersecurity, Privacy, & AI

Trending Now

Top House Cyber Lawmaker Plans to Introduce DHS Overhaul Bill by Next Year • Executive Orders Seek to Hasten Quantum Computing—and Guard Against Its Use • In a First, a Court Takedown Goes After Two Cybercrime Tools at Once • NIST Opens Updated IoT Security Guidance to Public Review • Five Eyes Agencies Urge Leaders to Strengthen Cyber Resilience in AI Era

Published on November 30, 2021 • Cyber

CMMC 2.0: Department of Defense Revamps Cybersecurity Maturity Model Certification Program

Alexander Supertramp | Shutterstock

CMMC 2.0 directly impacts how Defense Industrial Base contractors will be required to implement cybersecurity safeguards. The changes may ease compliance burdens for Level 1 contractors who only handle Federal Contract Information and Level 2 contractors who handle non-critical Controlled Unclassified Information—both of whom can perform self-assessments to show compliance. The Pentagon previously estimated that a substantial majority of DIB companies would require only basic cyber hygiene. However, contractors who hold CUI and were previously required to meet Level 2 security practices may face more stringent requirements under CMMC 2.0’s Level 3.

Source:

McGuireWoods: CMMC 2.0: Department of Defense Revamps Cybersecurity Maturity Model Certification Program

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.