ARTICLE
3 January 2024

DOD Proposed Rule Solidifies Plans For CMMC 2.0 Program: Security Requirements, Assessments, Affirmations, And Some Flow-Down Details

WR
Wiley Rein
Contributor
Wiley Rein logo
Wiley is a preeminent law firm wired into Washington. We advise Fortune 500 corporations, trade associations, and individuals in all industries on legal matters converging at the intersection of government, business, and technological innovation. Our attorneys and public policy advisors are respected and have nuanced insights into the mindsets of agencies, regulators, and lawmakers. We are the best-kept secret in DC for many of the most innovative and transformational companies, business groups, and nonprofit organizations. From autonomous vehicles to blockchain technologies, we combine our focused industry knowledge and unmatched understanding of Washington to anticipate challenges, craft policies, and formulate solutions for emerging innovators and industries.
Explore
The U.S. Department of Defense (DOD) has issued a proposed rule setting forth the requirements for its long-anticipated Cybersecurity Maturity Model Certification 2.0 (CMMC) program.
United States Technology
Photo of Gary S. Ward
Photo of Tracye Winfrey Howard
Photo of Megan L. Brown
Photo of Teresita Regelbrugge
Authors
To print this article, all you need is to be registered or login on Mondaq.com.

WHAT: The U.S. Department of Defense (DOD) has issued a proposed rule setting forth the requirements for its long-anticipated Cybersecurity Maturity Model Certification 2.0 (CMMC) program. The proposed rule primarily addresses security, assessment, and affirmation requirements for contractors that handle federal contract information (FCI) and controlled unclassified information (CUI). The proposed rule also outlines requirements for flow-down of CMMC obligations to subcontractors.

DOD announced that there will be eight CMMC program guidance documents that further describe assessment processes and provide additional guidance for contractor compliance. We will follow up with a deeper dive into the key elements and implications of this significant proposed rule. We've previously covered anticipated changes from the CMMC 1.0 program here.

WHEN: DOD issued the proposed rule on December 26, 2023, with a 60-day comment period (through February 26, 2024).

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Gary S. Ward
Gary S. Ward
Photo of Tracye Winfrey Howard
Tracye Winfrey Howard
Photo of Megan L. Brown
Megan L. Brown
Photo of Teresita Regelbrugge
Teresita Regelbrugge
ARTICLE
3 January 2024

DOD Proposed Rule Solidifies Plans For CMMC 2.0 Program: Security Requirements, Assessments, Affirmations, And Some Flow-Down Details

United States Technology
Contributor
Wiley Rein logo
Wiley is a preeminent law firm wired into Washington. We advise Fortune 500 corporations, trade associations, and individuals in all industries on legal matters converging at the intersection of government, business, and technological innovation. Our attorneys and public policy advisors are respected and have nuanced insights into the mindsets of agencies, regulators, and lawmakers. We are the best-kept secret in DC for many of the most innovative and transformational companies, business groups, and nonprofit organizations. From autonomous vehicles to blockchain technologies, we combine our focused industry knowledge and unmatched understanding of Washington to anticipate challenges, craft policies, and formulate solutions for emerging innovators and industries.
Explore
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More