December 16, 2019

The Department of Defense ("DoD") recently published its Draft Cybersecurity Maturity Model Certification ("CMMC") Version 0.7 (dated December 6, 2019). DoD posted the following note with the release:

DoD is releasing this latest version (v0.7) so that the public can review the draft model and begin to prepare for the eventual CMMC roll out. This document includes CMMC Levels 1-5 as well as the associated discussion and clarification for a subset of practices and processes in Appendices B - E.

CMM...

June 23, 2019

The Department of Defense (DoD) will likely publish a draft Cybersecurity Maturity Model Certification (CMMC) standard sometime this summer (see here and here). While much focus has been on how the CMMC will help shore up defense industrial base (DIB) cybersecurity—i.e., as the enforcement mechanism for DFARS 7012/NIST SP 800-171 compliance via third-party audits––DoD also must address the process of how agency personnel will select the CMMC “go/no-go” threshold for set-aside procureme...

June 8, 2019

DoD to propose Cybersecurity Maturity Model Certification (CMMC)––via third-party audit––and it will add another layer to defense contractor cybersecurity compliance.

It appears that the CMMC will be comprised of five levels, ranging from basic to "State-of-the-Art." In addition, the article reports that, "DoD contracts will require specific levels — and awards will be 'go/no-go' based on the contractor’s certification status."

. . .

Article: https://sera-brynn.com/pentagon-to-unveil-new-cybersec...

April 30, 2019

The Sedona Conference Working Group 11 on Data Security and Privacy Liability (WG11) publishes commentary on the application of the attorney-client privilege and work product doctrine protections in the cybersecurity context.

. . .

The Sedona Conference Working Group 11: The Sedona Conference Commentary on Application of Attorney-Client Privilege and Work-Product Protection to Documents and Communications Generated in the Cybersecurity Context, Public Comment Version

#Cyber #Cybersecurity #DataBrea...

August 10, 2018

In the United States, data breaches are at an all-time high.[1]  Thankfully, advances in technology are making it increasingly more difficult for hackers to exfiltrate sensitive data from secure networks.  While technological safeguards provide a necessary element of protection, standing alone, they still remain an incomplete solution.  Companies should also implement robust administrative and physical controls to adequately safeguard valuable data (and corporate reputation).  Regardless, as com...

December 21, 2017

Nowadays, “malware,” “ransomware,” and “hacking” are ubiquitous terms. Take a quick glance at your LinkedIn feed and you might see something related to cybersecurity. Frankly, cybersecurity should be there. The protection of sensitive, personal data is paramount and corporate leaders are taking notice. According to recent surveys by Grant Thornton and the Association of Corporate Counsel, cybersecurity has become a major concern for corporate officers and general counsel.[1] Their concerns aren’...

Please reload

About GovConJudicata

Welcome to GovConJudicata an informational blog/website focusing on government contracts issues, including bid protests (e.g., GAO, COFC), claims, disputes, SBA matters, compliance, regulatory, and cyber (e.g., DFARS, NIST SP 800-171, CMMC).

GovConJudicata is published by Joshua Duvall, managing partner at Matross Edwards, a law firm providing government contracts and cybersecurity legal services to small and mid-sized businesses.

Contact Matross Edwards
Search By Tags
Please reload

Connect
  • LinkedIn
  • Twitter
  • Podcast
  • Spotify
  • TuneIn
  • Apple

Copyright © 2020 Joshua B. Duvall. All rights reserved.

GovConJudicata™ #govconjudicata

CyberJudicata™ #cyberjudicata

LegalJudicata™ #legaljudicata