DoD’s Stocking Stuffer: Defense Department Announces Proposed CMMC Pilot Programs

Client Alert | 1 min read | 12.21.20

This week, the DoD announced the first group of pilot programs under the Cybersecurity Maturity Model Certification. Although still under review, these programs will likely be among a small group to issue solicitations in FY2021 that will require a CMMC certificate to be eligible for award. The DoD expects to identify eight other programs in the coming weeks, bringing the total number of FY2021 solicitations subject to CMMC up to 15. Each program is expected to require a Level 3 certificate for primes, and either a Level 3 or Level 1 certificate for every subcontractor, with limited exceptions.

U.S. Navy

Integrated Common Processor
F/A-18E/F/ Full Mod of the SBAR and Shut Off Valve
DDG-51 Lead Yard Services / Follow Yard Service

U.S. Air Force

Mobility Air Force Tactical Data Links
Consolidated Broadband Global Area Network Follow-On
Azure Cloud Solution

Missile Defense Agency

Technical Advisory and Assistance Contract

Contacts

Michael G. Gruden
Partner
- Washington, D.C.
  - D | +1.202.624.2545
bWdydWRlbkBjcm93ZWxsLmNvbQ==
Kate M. Growley
Partner and Crowell Global Advisors Senior Director
- Washington, D.C.
  - D | +1.202.624.2698
- Washington, D.C. (CGA)
  - D | +1 202.624.2500
a2dyb3dsZXlAY3Jvd2VsbC5jb20=

Insights

Client Alert | 7 min read | 06.24.26

DOJ’s National Security Division Announces First Declination Under New Corporate Enforcement Policy With Parallel BIS Settlement

On June 17, 2026, the U.S. Department of Justice’s (DOJ( National Security Division (NSD) announced that it had issued a declination for Robert Bosch GmbH (Bosch) relating to potential violations of the Export Control Reform Act, 50 U.S.C. § 4819 (ECRA). Specifically, the DOJ declined to criminally prosecute Bosch’s violations of the Export Administration Regulations’ (EAR) Foreign Direct Product Rule (FDPR), which apparently resulted from two Bosch subsidiaries’ export of products and software manufactured with equipment that was the direct product of U.S. software or technology to Huawei Technologies Co., Ltd. and its “Entity List” affiliates, including Huawei Tech. Investment Co., Ltd., Hong Kong (collectively, Huawei). The same day, the U.S. Department of Commerce Bureau of Industry and Security (BIS) announced a parallel civil administrative settlement with Bosch....

Client Alert | 3 min read | 06.24.26
OhioHealth Settlement and White House Report Signal Broader Federal Focus on Restrictive Hospital Contracting
Client Alert | 4 min read | 06.23.26
EPA Hands Over AI Data Center Regulation to States and Communities to Develop Best Practices
Client Alert | 3 min read | 06.22.26
Timing Is Everything: GAO Dismisses Three Protests Filed Before the Solicitation Deadline but After GAO’s Daily Cutoff Time

View All Insights