On Aug. 15, the U.S. Department of Defense issued a proposed rule, Assessing Contractor Implementation of Cybersecurity Requirements, which seeks to implement contractual requirements for DOD contracts related to the recently proposed Cybersecurity Maturity Model Certification 2.0 Program. As currently proposed, the rule raises serious concerns regarding a lack of clear definitions and flexibility for federal contractors on DOD projects.

On Feb. 26, ABC joined the U.S. Chamber of Commerce and eight other groups in submitting comments to the U.S. Department of Defense on its Cybersecurity Maturity Model Certification (CMMC) Program proposed rule, which would require federal contractors and subcontractors competing for DOD contracts to demonstrate continued compliance with a range of cybersecurity measures in order to maintain eligibility for performing and winning new federal awards.

On Jan. 30, 2024, ABC submitted a letter requesting a 30-day extension of the comment period on the U.S. Department of Defense’s proposed rule and guidance documents implementing the Cybersecurity Maturity Model Certification 2.0 Program.

On Dec. 26, 2023, the U.S. Department of Defense released a proposed rule and guidance documents implementing the Cybersecurity Maturity Model Certification 2.0 Program. As proposed, CMMC 2.0 would require federal contractors and subcontractors competing for DOD contracts to demonstrate continued compliance with a range of cybersecurity measures to maintain eligibility for performing and winning new federal awards.