CMMC

Recapping CMMC Level 3: Considerations for Government Contractors

By Eleanor M. Ross, Cassidy Kim & Olivia Bellini on October 16, 2025

Posted in Cybersecurity, Featured, Government Contractors, GT Alert

On Sept. 10, 2025, the Department Defense (DoD) issued a final rule amending the Defense Acquisition Regulation Supplement (DFARS) to implement the Cybersecurity Maturity Model Certification (CMMC) program for government contractors.
Continue Reading Recapping CMMC Level 3: Considerations for Government Contractors

Recapping CMMC Level 2: Considerations for Government Contractors

By Eleanor M. Ross, Cassidy Kim & Olivia Bellini on October 13, 2025

Posted in Cybersecurity, Data Privacy & Cybersecurity, Featured, Government Contractors, GT Alert

Starting Nov. 10, 2025, contractors and subcontractors handling controlled unclassified information (CUI) may be required to have a current CMMC Level 2 self-assessment for new contracts and option exercises involving CUI.
Continue Reading Recapping CMMC Level 2: Considerations for Government Contractors

Recapping CMMC Level 1: Considerations for Government Contractors

By Eleanor M. Ross, Cassidy Kim & Olivia Bellini on October 9, 2025

Posted in Cybersecurity, Featured, Government Contractors, GT Alert

On Sept. 10, 2025, the Department Defense (DoD) issued a final rule amending the Defense Acquisition Regulation Supplement (DFARS) to implement the Cybersecurity Maturity Model Certification (CMMC) program for government contractors. This final rule established a November 10, 2025 go-live date for the start of phase 1 of CMMC. As we covered in our prior…

CMMC Rulemaking Approaches Comment Deadline

By Eleanor M. Ross, Cassidy Kim & Olivia Bellini on October 8, 2024

Posted in Cybersecurity, Featured, Government Contractors, GT Alert

On Aug. 15, 2024, the Department of Defense (DoD) published a proposed rule that would implement contract clauses under 48 CFR related to the Cybersecurity Maturity Model Certification (CMMC) Program (Proposed Rule). DoD previously published a related proposed rule that would implement the CMMC 2.0 Program under 32 CFR 170 and provided the relevant security…

NIST Updates Guidelines for Protecting Sensitive Unclassified Info: Implications for Defense Contractors

By Eleanor M. Ross & Jeffery M. Chiow on June 7, 2023

Posted in Cybersecurity, Data, Data Privacy & Cybersecurity, Featured, Privacy, Technology

On May 10, 2023, the National Institutes of Standards and Technology (NIST) released Revision 3 to its foundational publication, 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. The publication provides guidelines for protecting sensitive unclassified information in contractor systems, and these guidelines establish the baseline cybersecurity requirements for federal defense contractors. …

DOD Marches Full Steam Ahead With Release of New Draft CMMC 0.7

By Daniel D. Straus on December 20, 2019

Posted in Data Privacy & Cybersecurity, Featured

On Dec. 13, 2019, the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)) released Draft 0.7 of the Cybersecurity Maturity Model Certification (CMMC) framework. The CMMC framework will be used by third party auditors to certify that members of the Defense Industrial Base (DIB) sector are complying with the Department of Defense’s (DOD’s) baseline…

Data Privacy Dish

CMMC

Recapping CMMC Level 3: Considerations for Government Contractors

Recapping CMMC Level 2: Considerations for Government Contractors

Recapping CMMC Level 1: Considerations for Government Contractors

CMMC Rulemaking Approaches Comment Deadline

NIST Updates Guidelines for Protecting Sensitive Unclassified Info: Implications for Defense Contractors

DOD Marches Full Steam Ahead With Release of New Draft CMMC 0.7

About Greenberg Traurig