Cybersecurity, Privacy, & AI

Trending Now

What Business Leaders Need to Know About Cybersecurity Certification and Enforcement in 2025–2026 • NRC Efficiency Plan to Reuse DOE, DoD Data Met With Skepticism • Closed Briefing Sets Stage For House Hearing On Anthropic’s Mythos and Cyber Risks • CISA, G7 Partners Release AI Software Bill of Materials Guidance • OMB to Refresh the Federal IT Dashboard

Published on April 22, 2022 • Cyber

Cybersecurity Updates: What We’ve Learned About CMMC 2.0 So Far

G-Tech Studios | Shutterstock

Last November, the Defense Department announced sweeping changes to the Cybersecurity Maturity Model Certification program in a new “version 2.0.” Although we are still awaiting the interim regulations, DOD has revealed several updates over the last few months. In its latest comments it has expressed a desire to issue the interim rule implementing CMMC 2.0 by May 2023, with initial requirements showing up in DOD contracts 60 days after the interim rule publication. DOD is also working to finalize additional guidance for identifying CUI, which has been under development for just over 18 months. In the meantime, DOD has been encouraging contractors to focus on compliance with the current requirements in the -7012 clause as well as the assessment requirements in DFARS 252.204-7019 and -7020, which DOD announced at the same time as CMMC 1.0 in September 2020.

Source:

Wiley: Cybersecurity Updates: What We’ve Learned About CMMC 2.0 So Far

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.