Department of Defense (DOD)

The William (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021 (“NDAA”) enacts major changes to America’s cyber defenses, reshaping how the private sector can combat growing cyber threats, as well as realigning roles and responsibilities of federal government agencies. This Legal Update discusses select cyber provisions in the NDAA and highlights key takeaways

On January 31, 2020, the US Department of Defense (DoD) Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)) released Cybersecurity Maturity Model Certification (CMMC) Version 1.0. DoD developed the CMMC to provide a unified cybersecurity standard for defense contractors and suppliers across all of the Defense Industrial Base (DIB), which,

On November 7, the U.S. Department of Defense (DoD) Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)) released Draft Version 0.6 of its Cybersecurity Maturity Model Certification (CMMC) for public comment. According to DoD’s overview briefing, the CMMC was created to provide “a unified cybersecurity standard for DoD acquisitions to

On September 20, 2018, the Trump administration released a comprehensive National Cyber Strategy. This document builds on initiatives outlined in Executive Order 13800, “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure”(May 2017). (See our Legal Update.) The strategy’s stated objective is to “ensure the American people continue to reap the benefits of a

On December 18, 2015, President Obama signed the Consolidated Appropriations Act, 2016 into law. This omnibus appropriations legislation will create significant new rules for the voluntary sharing of cybersecurity information within the private sector and with the government. Passage of the omnibus appropriations legislation thus brings to a close the multi-year debate over cybersecurity information