On September 29, 2020, the Department of Defense published the long-awaited DFARS for Assessing Contractor Implementation of Cybersecurity Requirements. The new rule was issued as an Interim Rule. It will be effective on November 30, 2020. Two new contract clauses concern “NIST SP 800-171 DoD Assessment Requirements” and one clause is about contractor compliance with CMMC Requirements. The rule reflects a “two-pronged approach” to assess and verify the ability of defense contractors to protect Federal Contract Information and Controlled Unclassified Information (CUI). The first prong applies to all contractors now subject to the -7012 DFARS and involves DCMA and self-assessments against the 110 requirements of NIST SP 800-171. The second prong applies to more companies in the defense industrial base and where invoked companies must obtain required levels of CMMC “certification” to receive contract award.
The new Interim Rule will broadly affect all DoD companies – and there are indications that other federal agencies, including GSA, will apply cyber requirements including application of CMMC. This program will review the strategy, structure and operation of the cybersecurity Interim Rule. It will distinguish and explain the difference between the DoD Assessment and CMMC prongs of the rule. Also addressed will be key issues to consider for possible Comments to the Interim Rule. (These are due on or before November 30, 2020.)
Bob is a co-author of the 2018 MITRE “Deliver Uncompromised” Report which contributed to present DoD security initiatives including CMMC. Bob is a widely published author on a variety of cyber and supply chain security subjects whose views are respected by industry and government alike. As a Special Government Employee, Bob served on the Defense Science Board Cyber-Supply Chain study. As a MITRE consultant, he has assisted on several security projects for federal sponsors.
Keystone: Unlimited Complimentary
Executive/Strategic Partner: Unlimited Complimentary
Premier: Unlimited Complimentary
Standard: $50
Non-Member: $95
Government: Unlimited Complimentary