1. Home
  2. |Insights
  3. |DoD Previews New Third-Party Cyber Certification Requirements

DoD Previews New Third-Party Cyber Certification Requirements

Client Alert | 1 min read | 06.17.19

The Department of Defense is moving closer to a third-party certification to ensure compliance with its standard cybersecurity requirements – what is being called the “Cybersecurity Maturity Model Certification” (CMMC). While still in the early stages of development, the CMMC would likely require all contractors subject to DFARS 252.204-7012 to obtain a certification issued by an independent third party stating that the contractor has sufficiently implemented its required cybersecurity controls. Holding this certification would be a “go/no-go” condition to compete for relevant DoD work. Although NIST SP 800-171 is the default cybersecurity standard currently required under -7012, DoD is also exploring the creation of a new standard that would govern the certification. DoD is projecting that the CMMC will start appearing in solicitations as early as Fall 2020, but much work remains to be done – including potential revisions to -7012 – and will no doubt be informed by extensive industry engagement. 

Insights

Client Alert | 5 min read | 05.30.25

DOJ and FTC File Statement of Interest Supporting Antitrust Lawsuit Against Asset Managers’ Climate Goals

On May 22, 2025, the U.S. Department of Justice and the Federal Trade Commission (the “U.S. Antitrust Agencies”) filed a Statement of Interest supporting thirteen states’ claims that asset managers violated antitrust and consumer protection law through their environmental, social, and governance (“ESG”) activities. The Statement, which opposes the asset managers’ motion to dismiss the antitrust claims, indicates the federal antitrust agencies support antitrust theories favored by anti-ESG activists, which may lead to federal investigations and lawsuits based on such theories....