1. Home
  2. |Insights
  3. |Cybersecurity Maturity Model Matures: DoD Adds New Requirements to Draft Cybersecurity Certification

Cybersecurity Maturity Model Matures: DoD Adds New Requirements to Draft Cybersecurity Certification

Client Alert | 1 min read | 09.10.19

The Defense Department has released Revision 0.4 of its Cybersecurity Maturity Model Certification (CMMC) that, starting next year, independent auditors are to use to certify contractor compliance with DoD cybersecurity requirements.  Revision 0.4 more than doubles the number of cybersecurity controls across the CMMC’s five maturity “Levels.”  But the DoD emphasizes that it will further down-select these controls and that mature contractor processes may counteract gaps in the final controls’ implementation.  In addition to NIST SP 800-171 (the default standard under DFARS 252.204-7012), Revision 0.4 now incorporates requirements from the NIST Cybersecurity Framework, ISO 27001, and CIS Critical Security Controls, as well as from “additional DIB inputs.”  Notably missing is NIST SP 800-171B, which remains under review.

The DoD is requesting feedback on Revision 0.4 through September 25, 2019, and plans on releasing Revision 0.6 for comment in November 2019.   The final CMMC is expected in January 2020. 

Insights

Client Alert | 3 min read | 05.02.25

Supreme Court Hears Argument About Uninjured Class Members

On April 29, 2025, the Supreme Court heard oral argument in Laboratory Corporation of America Holdings, dba Labcorp, v. Luke Davis, et al., No. 22-55873. The Supreme Court had granted a petition for writ of certiorari in the case as to the following question: “[w]hether a federal court may certify a class action pursuant to Federal Rule of Civil Procedure 23(b)(3) when some members of the proposed class lack any Article III injury.” The Justices focused much of the oral argument on whether the case was moot, suggesting they may not reach the merits. And when soliciting argument on the merits, the Court appeared divided as to how to answer the question....