Panchenko Vladimir | Shutterstock

On September 29, 2020, the Department of Defense (DoD) issued a long-anticipated interim rule implementing its Cybersecurity Maturity Model Certification (CMMC) program. The rule introduces a new mandatory construct, the DoD Assessment Methodology, to serve as an interim certification process before contractors undergo a full CMMC review. A full description of the interim rule and what it means for DoD contractors follows. The interim rule becomes effective November 30, 2020, although full implementation of CMMC will not be achieved until 2025.

Read the full post at Morrison Foerster