CMMC 2.0: Legal, Assessor, and Threat Intelligence Perspectives

Webinar | 02.14.24, 1:00 PM EST - 2:00 PM EST

Address

Virtual

Join members of Crowell’s Privacy & Cybersecurity practice and panelists from Coalfire and Mandiant as we discuss the highly anticipated proposed rule for the Cybersecurity Maturity Model Certification Program (CMMC) issued by the Department of Defense (DOD) in December. CMMC is a unified assessment model released by the DoD in response to the growing threat of cyberattacks and data theft from its supply chain vendors. As proposed, this program requires every Federal contractor that handles DoD sensitive data to comply with certain cybersecurity controls. CMMC will bring greater scrutiny to contractors’ cybersecurity compliance and greater risks associated with failure to comply. To achieve certification, you’re required to prove that your organization can meet a myriad of security control obligations, a process that can be daunting if you’re not familiar with the policies, procedures, and practices that may be required when the program is finalized.

Topics will include:

Overview of the CMMC proposed rule
The CMMC certification process and what to expect
Survey of the current threat environment shaping CMMC
Common CMMC compliance challenges and recommended best practices
Impact of CMMC attestations on other cyber disclosure regulations (e.g., FCA, SEC, etc.)

For more information, please visit these areas: Privacy and Cybersecurity, Government Contracts

Participants

Michael G. Gruden
Partner
- Washington, D.C.
  - D | +1.202.624.2545
bWdydWRlbkBjcm93ZWxsLmNvbQ==

Insights

Webinar | 10.16.25

The Artificial Intelligence Agenda from Capitol Hill to State Capitals: Where We Are and Where We Are (Probably) Going

The landscape of AI governance and regulation is shifting. Following the release of the White House’s “America’s AI Action Plan” in July 2025 and the President’s signing of related Executive Orders, the White House has emphasized (at least rhetorically) a preference for innovation, adoption, and deregulation. But that does not tell the entire story. The Administration remains committed to exercising a heavy hand in AI, including by banning the U.S. government’s procurement of so-called “woke AI,” intervening in the development of data centers and the export of the AI technology stack, imposing an export fee for certain semiconductors to China, and assuming a stake in a U.S. semiconductor company. State legislatures are also racing to implement their own regulations, particularly around AI’s use in critical areas, such as healthcare, labor and employment, and data privacy. The many sources of regulation raise the specter of a fragmented compliance environment for businesses. This webinar will delve into the Administration’s AI strategy, going beyond the headlines to analyze:...

Webinar | 09.29.25
False Claims Act and Customs Enforcement—What You Need to Know
Webinar | 09.25.25
HOOPS 2025
Webinar | 09.23.25
Innovation Insights: Navigating the Complexities of Employment Law Impacting Geographically-Dispersed Workforces

View All Insights