Cybersecurity, Privacy, & AI

Trending Now
Daybreak Is OpenAI’s Answer to the AI Arms Race in Cybersecurity • Cyber Operations Aren’t Slow — Our Thinking Is • ‘No Time to Waste’ in Prepping Governments for AI Cyber Threats, Top Dem Lawmaker Says • ‘Insatiable Appetite’ for AI: Maven Usage Surged for Strikes on Iran, Pentagon AI Chief Says • Navigating Automation, Robotics, AI, and Data in a QMSR-Driven Manufacturing World
Protests & Claims Newsletter Cyber & Privacy Newsletter Compliance & Enforcement Newsletter Development Newsletter Transforming Procurement Newsletter
Published on December 14, 2021 • Cyber

CMMC 2.0 Simplifies Requirements But Raises Risks for Government Contractors

CMMC 2.0 Simplifies Requirements But Raises Risks for Government Contractors

G-Tech Studios | Shutterstock

For defense industrial base companies that will provide annual self-assessment affirmations within the CMMC 2.0 framework, steps can be taken to reduce the risk of future DOJ investigations and qui tam suits:

  • First, DIB companies should implement and maintain written cybersecurity policies that are consistent with the basic safeguarding requirements of the FAR clause 52.204-21 and, if applicable, DFARS 252.204-7012.
  • Second, DIB companies should develop and foster a culture of compliance throughout the organization, including employee training, internal disclosure controls and/or board oversight on leadership’s management.
  • Finally, contractors should consider a CMMC certification to give themselves a competitive advantage and minimize the risk of other DIB companies not wanting to do business with them because of the cybersecurity risks they pose.

Source:

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.

© PubKGroup 2024