The Pentagon’s new cybersecurity standards will simplify rules for defense contractors, McGuireWoods Washington, D.C., partner Ned Childs told Law360 in a Jan. 1, 2024, story previewing important policy changes likely to affect federal contractors this year.
The U.S. Department of Defense (DOD) proposed a significant expansion of its cybersecurity requirements in a rule released Dec. 22, 2023. Version 2.0 of the Cybersecurity Maturity Model Certification (CMMC) is a response to complaints that the original version was too rigid and too complex, Law360 reported.
The new rule incorporates feedback the DOD received from defense contractors, said Childs, leader of McGuireWoods’ defense, national security and government contracting industry team.
“We have seen, to their credit, some degree of engagement from the folks over at DOD with industry, to try to get a bit better [an idea] of their perspective as part of the CMMC process,” Childs said.