Click here to view the recorded session.

Cybersecurity has been an important topic for many years now, yet the government has struggled with how to flow down cybersecurity obligations to its supply chain. The Department of Defense’s (DOD) Cybersecurity Maturity Model Certification (CMMC) is the highest profile example. CMMC 2.0’s goal has been to provide a comprehensive framework to protect the defense industrial base’s sensitive unclassified information from cyberattacks. Ever since the announcement of CMMC 2.0 in 2021, however, government contractors have been largely kept in the dark about how and when it will take effect, and there has been much confusion about what impact implementation may have on business.

Join Kevin Barnett and Daniel Figuenick, attorneys in PilieroMazza’s Cybersecurity & Data Privacy and Government Contracts groups, for an update on CMMC 2.0 implementation and tips for compliance readiness. They’ll cover:

  • implementing a robust internal compliance program;
  • incident response plans to address potential cyber breaches;
  • flow-down of CMMC 2.0 and other cybersecurity requirements between prime contractors and subcontractors;
  • contractors’ cybersecurity obligations before CMMC 2.0 is fully implemented;
  • cost allowability for CMMC 2.0 implementation; and
  • other legal and contractual issues you may face as you prepare your business for CMMC 2.0 and adhere to current federal cybersecurity requirements.