Insights

Professional
Practice
Industry
Region
Trending Topics
Location
Type

Sort by:

Client Alerts 32 results

Client Alert | 2 min read | 03.31.25

Canadian CMMC? Canada Proposes Cyber Compliance Regime for Canadian Defense Suppliers

On March 12, 2025, the Government of Canada announced plans to launch the Canadian Program for Cyber Security Certification (CPCSC). CPCSC is a cybersecurity compliance verification program that aims to protect sensitive unclassified government information handled by Canadian government contractors and subcontractors within Canada’s defense sector. Canada will roll out CPCSC to contractors in four phases, with the first phase launching this month.
...

Client Alert | 3 min read | 03.26.25

FedRAMP 20x: Proposed Framework Aims To Increase Automation and Efficiency

On March 24, 2025, the Federal Risk and Authorization Management Program (FedRAMP) unveiled “FedRAMP 20x,” a proposal to make FedRAMP more efficient by automating FedRAMP security assessments and continuous monitoring, simplifying required technical controls, and leaning on industry to provide tooling and solutions to support automation. 
...

Client Alert | 4 min read | 02.21.25

An Un[waiver]ing Commitment to CMMC: The Department of Defense Issues Guidance for Determining Assessment Levels

Amidst a flurry of executive cost-cutting, the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification program—often known just as “CMMC”— appears to be defying the odds and only picking up steam. Marking the first CMMC developments under the new administration, the DoD has published guidance that previews what to expect once CMMC is finalized. These developments suggest that the current administration intends to pick up where it left off, having first introduced the CMMC program during President Trump’s first term.
...

Publications 6 results

Publication | 01.28.25

Preparing for CMMC in 2025

After years of anticipation and a series of delays, implementation of the U.S. Department of Defense’s Cyber Maturity Model Certification Program (CMMC) is rapidly approaching. Though CMMC is not expected to enter into effect until early-to- mid 2025, DOD contactors can start taking steps now to ensure a smooth transition into this new regulatory era.
...

Publication | 01.28.25

Will Higher Education Institutions Face Enhanced Cybersecurity Requirements?

U.S. colleges and universities watched closely this summer when the DOJ, in a novel move, scrutinized the cybersecurity compliance of a research lab at an academic institution.
...

Webinars 5 results

Webinar | 02.20.25, 3:00 PM EST - 4:00 PM EST

Privacy and Cybersecurity Outlook: The 2025 Landscape

Crowell & Moring’s recent publication, The Privacy and Cybersecurity Outlook: The 2025 Landscape, offers clients forward-looking insights on the most significant trends impacting organizations worldwide.

Webinar | 01.27.25, 10:00 AM EST - 10:45 AM EST

Cyber For All: A FAR CUI Proposed Rule Webinar

The FAR Council recently released a proposed rule (the “FAR CUI Rule”) that would amend the FAR to implement federal government-wide Controlled Unclassified Information (CUI) cybersecurity, training, and incident reporting requirements for government contractors and subcontractors.  

Webinar | 01.18.24, 1:00 PM EST - 2:00 PM EST

The FY 2024 National Defense Authorization Act: Key Provisions for Government Contractors

Crowell & Moring’s Government Contracts Group invites government contractors to a webinar in which we address the most consequential sections of the FY 2024 National Defense Authorization Act. These include imposition of a new conflict of interest regime for government contractors with a connection to China, require government reporting to Congress on acquisition authorities and programs, and alter other processes and procedures to which government contractors are subject.

Speaking Engagements 5 results