1. Home
  2. |Insights
  3. |DoD Previews New Third-Party Cyber Certification Requirements

DoD Previews New Third-Party Cyber Certification Requirements

Client Alert | 1 min read | 06.17.19

The Department of Defense is moving closer to a third-party certification to ensure compliance with its standard cybersecurity requirements – what is being called the “Cybersecurity Maturity Model Certification” (CMMC). While still in the early stages of development, the CMMC would likely require all contractors subject to DFARS 252.204-7012 to obtain a certification issued by an independent third party stating that the contractor has sufficiently implemented its required cybersecurity controls. Holding this certification would be a “go/no-go” condition to compete for relevant DoD work. Although NIST SP 800-171 is the default cybersecurity standard currently required under -7012, DoD is also exploring the creation of a new standard that would govern the certification. DoD is projecting that the CMMC will start appearing in solicitations as early as Fall 2020, but much work remains to be done – including potential revisions to -7012 – and will no doubt be informed by extensive industry engagement. 

Contacts

Insights

Client Alert | 6 min read | 07.09.26

EU Steel Overcapacity Regulation: New Permanent Measure in Force from 1 July 2026

The EU’s steel safeguard under Implementing Regulation (EU) 2019/159 expired on 30 June 2026 and has been replaced by a new permanent instrument — the EU Steel Overcapacity Regulation (Regulation (EU) 2026/1384) (the Regulation”). It imposes tariff-rate quotas and an out-of-quota duty, similarly to the steel safeguard measures that expired. The out-of-quota duty has been raised from 25% to 50% to minimize the risk of trade diversion. The Regulation reduces duty-free imports of 26 categories of steel products into the EU by an average of 47% compared with the quotas under the until recently applicable safeguard measures....