DoD Previews Final Cybersecurity Maturity Model Certification with Revision 0.7
Client Alert | 1 min read | 12.17.19
The Department of Defense (DoD) recently released another revision to its Cybersecurity Maturity Model Certification (CMMC) that, starting next year, independent auditors will use to certify contractor compliance with DoD cybersecurity requirements. Most notably, Revision 0.7 previews the requirements for cybersecurity maturity Levels 4 and 5. Moving beyond the cyber hygiene requirements of Levels 1 through 3, Levels 4 and 5 require even more robust cybersecurity programs capable of addressing the dynamic threats posed by advanced persistent threats (APTs). These two highest levels of certification also implement the enhanced security requirements documented in NIST SP 800-171B, which remains in draft form.
The DoD is expected to announce the final CMMC in January of next year and begin introducing “go/no-go” certification requirements in solicitations as early as June 2020.
Contacts
Partner and Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 5 min read | 03.30.26
The EU Pharma Package: The Transferable Exclusivity Voucher Compromise Proposal
In our third alert in this EU Pharma Package Series, we provided a detailed overview of the diverging positions of the European Commission, the European Parliament , and the Council of the European Union on the transferable exclusivity voucher (TEV) for priority antimicrobials.
Client Alert | 2 min read | 03.27.26
CMS Releases PY 2020 RADV Audit Methods and Instructions: Key Takeaways for Health Plans
Client Alert | 4 min read | 03.25.26
NAIC Intensifies AI Regulatory Focus: What Health Insurance Payors Need to Know
Client Alert | 11 min read | 03.25.26
White House National AI Policy Framework Calls for Preempting State Laws, Protecting Children
