Last week, we covered the Cybersecurity Maturity Model Certificate (CMMC) Procurement Rule (the Rule), which formalizes cybersecurity as a condition of doing business with the U.S. Department of Defense (DoD). The Rule requires federal contractors and subcontractors to demonstrate they meet the specified security standards before accessing Federal Contract Information (FCI) and Controlled Unclassified Information
Controlled Unclassified Information
Comply to Compete: DoD Finalizes CMMC Rule for Federal Contractors
By Roma Patel on
Posted in Enforcement + Litigation
In August 2024, The Department of Defense (DoD) released a proposed amendment to the Defense Acquisition Regulations Supplement (DFARS) – which provides acquisition policies and procedures for the DoD – that would require a Cybersecurity Maturity Model Certification (CMMC) program to become a required part of the DoD’s contracting process. The CMMC program is a…
Department of Defense’s Proposed Amendment to DFARS for Inclusion of Cybersecurity Maturity Model Certification in Contracts
By Kathryn Rattigan on
Posted in Cybersecurity
Last week, the U.S. Department of Defense (DoD) released a proposed amendment to the Defense Acquisition Regulations Supplement (DFARS) that would require a Cybersecurity Maturity Model Certification (CMMC) program to become a required part of the DoD’s contracting process. The CMMC program is a DoD program that helps businesses meet security requirements for their work…
U.S. Government Intervenes in Case Alleging Unauthorized Disclosure of CUI
By Robinson+Cole's Data Privacy + Cybersecurity Team on
Posted in Enforcement + Litigation
The U.S. government recently intervened in a False Claims Act qui tam case against Georgia Tech Research Corporation, Georgia Institute of Technology, and Georgia Tech Research Institute for violations of NIST 800-171 for failing to protect Controlled Unclassified Information (CUI). Long story short, the U.S. intervention means that the government is taking this case seriously…