CMMC

CMMC enforcement begins after eight years of warnings

"There is no excuse for industry to not be ready," observers say as enforcement begins.

  • By Nick Wakeman

Risks of cyber fraud allegations remain high for companies subject to government requirements

COMMENTARY | Stricter government cybersecurity requirements present elevated risk to companies due to increased enforcement pressure and additional bases for allegations of cybersecurity fraud.

  • By Moriah Daugherty, Ryan Burnette, Ashden Fein, Susan Cassidy and Peter Hutt II

Cyber champion Robert Metzger dies after cancer battle

The defense industry is mourning the loss of a legal expert, widely known as the "Godfather of CMMC," whose work on supply chain security helped shape national standards.

  • By Nick Wakeman
Breaking News

CMMC's final rule has now landed

Several other regulatory steps and Congress' 60-day period to review the defense industrial base's new cybersecurity standard still loom before it takes effect.

  • By Nick Wakeman

DOD unveils proposed final rule for CMMC contracting

A phased rollout of the cybersecurity standard should begin in early 2025, with varying compliance levels and increased program office discretion.

  • By Nick Wakeman

The coming cyber reckoning for federal contractors

Contractors face a 90-day deadline to prove their cybersecurity compliance as awards for the OASIS+ vehicle start to fall and that is a precursor to broader industry-wide requirements, DTS CEO Edward Tuorinsky writes.

  • By Edward Tuorinsky
Insights & Reports
The Federal Threat: 98% of npm & PyPI Malware Neutralized With a Source-First Approach
Presented By Chainguard
Download Now
AI for Government Legal Teams: What’s Possible
Presented By Filevine
Download Now

Nearly 300 comment on proposed CMMC rule

The Defense Department now has to process and respond to the comments before it issues the final version of the industry-wide rule in the fall.

  • By Nick Wakeman

Experts expect some support for small businesses facing CMMC compliance

The Pentagon’s draft CMMC rule doesn’t exempt small firms from the security standards for defense contractors and subcontractors, but that doesn’t mean they won’t receive any help meeting the requirements.

  • By Edward Graham

Pentagon issues proposed CMMC rule

The long-anticipated draft rule, which will be officially published on Dec. 26, outlines proposed updates to DOD’s cybersecurity requirements for defense contractors and subcontractors who handle sensitive military data.

  • By Edward Graham

New Pentagon cyber strategy emphasizes industry and global partnerships

A top Defense Department official described the private sector as “absolutely essential” in implementing the agency’s new cyber strategy.

  • By Chris Riotta

DOD, OMB expect September release of proposed CMMC rule

The rule that details the defense industrial base's new cybersecurity standard appears ready for review at the Office of Management and Budget.

  • By Nick Wakeman

New CMMC Training to Align with Certification Changes

Look for trainers working on the Cybersecurity Maturity Model Certification program to realign their efforts to support recent changes to the certification process in 2022.

  • By Lauren C. Williams

Closing the CMMC training gaps

Look for trainers working on the Cybersecurity Maturity Model Certification program to realign their efforts to support recent changes to the certification process in 2022.

  • By Lauren C. Williams, FCW
Featured eBooks
Future-Ready Workforce
Read Now

Health Tech

Read Now

AI Applications

Read Now

CMMC assessments could resume in January

The governing body responsible for implementing the Defense Department’s unified cybersecurity program for contractors expects security procedures for authorized third party assessors to start back up in early 2022. But DOD has the final say on the timeline.

  • By Lauren C. Williams, FCW

What’s next for CMMC

After the Defense Department revamped cybersecurity standards for contractors, the Cybersecurity Maturity Model Certification program’s accreditation body is making adjustments.

  • By Lauren C. Williams, FCW

Who's going to volunteer for the new CMMC?

The Defense Department is looking for contractors to test out its revamped cybersecurity standard to protect unclassified but sensitive data.

  • By Lauren C. Williams, FCW

DOD revamps controversial CMMC program

After a nine-month review, the Defense Department is replacing its original cyber compliance program for the industrial base with CMMC 2.0, putting more emphasis on self-assessment.

  • By Adam Mazmanian, FCW

White House pick for DOD CIO eyes tweaks to CMMC

The Biden administration's pick to be the Pentagon's tech chief wants to make it easier for small businesses to adhere to the Defense Department's cybersecurity standards and expand network optimization across the entire enterprise.

  • By Lauren C. Williams, FCW

CMMC's Arrington sues DOD to clear her name

Katie Arrington, who has been off the job since May, is suing the Department of Defense to get resolution on her personnel case.

  • By Adam Mazmanian, FCW

DOD wants industry to continue with CMMC prep amid program review

Dr. Christine Michienzi, the chief technology officer for the Office of the Deputy Assistant Secretary of Defense for Industrial Policy, said while results were coming soon, defense contractors should "continue on" with updates to cybersecurity practices as DOD finalizes its review of its Cybersecurity Maturity Model Certification program.

  • By FCW

DOD's silence on CMMC is worrying industry, trade groups claim

Months of silence from the Defense Department on the status of the Cybersecurity Maturity Model Certification program is palpable and stirring unease among defense contractors, trade associations say in a letter to Deputy Defense Secretary Kathleen Hicks.

  • By Lauren C. Williams, FCW