CMMC Clause Rule: What to Know
Webinar | 09.15.25, 12:00 PM EDT - 1:00 PM EDT
The Department of Defense (DoD) has released the highly anticipated second final rule for the Cybersecurity Maturity Model Certification Program (CMMC), ushering in its mandatory implementation that begins on November 10. CMMC is a unified assessment model released by the DoD in response to the growing threat of cyberattacks on and data theft from the Defense Industrial Base. This program requires every DoD contractor that handles sensitive government data to certify compliance with certain cybersecurity controls. CMMC brings greater scrutiny to contractors’ cybersecurity compliance and greater risks associated with compliance failures. To achieve certification, contractors must prove that their organizations can meet a myriad of security control obligations, a process that can be daunting without familiarity with the policies, procedures, and practices that will be required when the program is finalized.
Join us as we discuss CMMC in a live panel webinar featuring Privacy & Cybersecurity and Government Contracts attorneys who have been following the evolution of the DoD’s approach to contractor cybersecurity since its inception. Our panel will include Michael Gruden, Kate Growley, Jacob Harrison, Jessica Chao, and Alexis Ward.
Topics will include:
- Overview of the final rule and new CMMC DFARS clauses
- CMMC certification and attestation requirements
- Timeline for CMMC contract requirements
- Attestation and certification enforcement risks
- CMMC supply chain management
For more information, please visit these areas: Government Contracts
Participants
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Webinar | 10.16.25
The landscape of AI governance and regulation is shifting. Following the release of the White House’s “America’s AI Action Plan” in July 2025 and the President’s signing of related Executive Orders, the White House has emphasized (at least rhetorically) a preference for innovation, adoption, and deregulation. But that does not tell the entire story. The Administration remains committed to exercising a heavy hand in AI, including by banning the U.S. government’s procurement of so-called “woke AI,” intervening in the development of data centers and the export of the AI technology stack, imposing an export fee for certain semiconductors to China, and assuming a stake in a U.S. semiconductor company. State legislatures are also racing to implement their own regulations, particularly around AI’s use in critical areas, such as healthcare, labor and employment, and data privacy. The many sources of regulation raise the specter of a fragmented compliance environment for businesses. This webinar will delve into the Administration’s AI strategy, going beyond the headlines to analyze:
Webinar | 10.08.25
Webinar | 09.29.25
False Claims Act and Customs Enforcement—What You Need to Know
Webinar | 09.25.25