Posts

Showing posts with the label CMMC

Quantum Computing is Coming: The Threat to Today’s Encryption

About eight years ago, toward the end of a panel I was moderating on cybersecurity, I turned to the panelists and asked them to tell me what to expect when quantum computing would come online. I got blank stares. Quantum computing, and its implications for national security and cybersecurity, had not yet made its way into the consciousness of most experts. Today, that has changed and lawyers, particularly those advising on system and data security issues, need to get ahead of the upheaval that is coming. For those unfamiliar, quantum computing is based on the principles of quantum physics, which govern matter and energy at atomic and subatomic levels, where classical physics ceases to apply . Quantum tech has already begun to influence areas like  medical imaging . Once they become commercially viable, quantum computers will launch a sea change in many additional areas of technology. Quantum computers’ use of qubits that can hold multiple values simultaneously will inaugurate an e...

DOD Issues Final DFARS Rule for Cybersecurity Maturity Model Certification Program

WHAT:  The U.S. Department of Defense (DOD) has published the  final rule  amending the Defense Federal Acquisition Regulation Supplement (DFARS) to incorporate contractual requirements for the Cybersecurity Maturity Model Certification Program (CMMC). The final rule at long last sets a starting date for phasing in the CMMC program. WHEN:   DOD issued the final rule on September 10, 2025, so it will take effect on November 10, 2025. That effective date will mark the first day of the three-year phase-in effort that DOD previously prescribed in the  earlier final rule  (which we summarized  here ) establishing the CMMC program requirements in Title 32 of the Code of Federal Regulations.  See  32 CFR § 170.3(e). During the first year of the phase-in plan, the following will be applicable: For new contracts, DOD intends to require at least a self-assessment as a condition of award. DOD retains the discretion to require a third-party certificatio...