CMMC implementation plan takes shape in proposed rule
By 
Kyle Brasseur2023-12-28T16:28:00
The Department of Defense (DoD) released for comment a proposed rule setting guidelines for implementation of the Cybersecurity Maturity Model Certification (CMMC) program.
The proposal, published Tuesday, would “establish requirements for a comprehensive and scalable assessment mechanism to ensure defense contractors and subcontractors have … implemented required security measures” under the CMMC, which applies to federal contract information and controlled unclassified information.
Comments on the proposal are due by Feb. 26.
Related articles
-
PremiumNavigating compliance: A guide for small teams to tackle CMMC
Many small organizations within the Defense Industrial Base are struggling to meet the rigorous requirements validated through the Cybersecurity Maturity Model Certification, writes Thomas Graham, CISO at Redspin. If you haven’t been tracking it closely, CMMC was finalized in October, with an effective date of December 16, 2024.
-
PremiumAI in 2024: More business use, more fraud risks
Use of generative artificial intelligence by businesses will ramp up in 2024, as will risk of AI-driven cyberattacks and fraud, according to experts.
-
PremiumCyber expert: Reach for data security to achieve compliance
Data security and compliance are not one and the same but have enough overlap that organizations can take steps when building a data security program to move closer to achieving compliance.
More from Regulatory Policy
-
News BriefU.S. Labor Department advances sweeping deregulation push targeting worker protections
The U.S. Department of Labor (DOL) appears to be in the process of deregulating work rules. Some of the changes proposed would result in a reduction of pay for certain health workers and allow minors to work hazardous jobs.
-
News BriefAtkins says SEC to embrace innovation, criticizes regulatory uncertainty around tokenization
SEC Chair Paul Atkins pointed to the growth of tokenized shares as a key development reshaping private markets, suggesting the agency is preparing to update its rules to keep pace with new forms of digital asset trading and settlement.
-
News BriefEuropean Commission unveils a simpler, more competitive EU Single Market, but businesses remain skeptical
The EU’s new strategy aims to boost SME growth and cut market barriers, but businesses doubt reforms will happen, and consumer groups fear weaker data protections.