🔒New Cybersecurity Requirements for Defense Contractors
Defense Federal Acquisition Regulation Supplement: Assessing Contractor Implementation of Cybersecurity Requirements (DFARS Case 2019-D041)
Summary
DoD is issuing a final rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) to incorporate contractual requirements related to the final Cybersecurity Maturity Model Certification program rule, titled Cybersecurity Maturity Model Certification Program. This final DFARS rule also partially implements a section of the National Defense Authorization Act for Fiscal Year 2020 that directed the Secretary of Defense to develop a consistent, comprehensive framework to enhance cybersecurity for the U.S. defense industrial base.
Agencies
- Defense Department
- Defense Acquisition Regulations System
Business Impact
$$$ - High
The text outlines regulatory compliance requirements pertaining to cybersecurity for defense contractors, specifically the Cybersecurity Maturity Model Certification (CMMC). Business owners and executives need to prepare for mandatory compliance relating to CMMC requirements which impact contract eligibility and operational procedures. This affects financial planning and may require investment in cybersecurity measures.