Contractors Seek Clarity On DOD Cybersecurity Rule

Contractors Seek Clarity On DOD Cybersecurity Rule

September 29, 2020, Law360

Susan Cassidy spoke with Law360 about protection of CUI forms in the Cybersecurity Maturity Model Certification. Ms. Cassidy says, “Bottom line, they still have never defined CUI in a way that's meaningful. It's the bedrock of the whole rule. And contractors really want to comply, I believe. They don't want their systems to be hacked. But the definition really should be addressed head on.”

She went on to discuss the next steps for contractors seeking clarity for the CMMC, saying, “Presumably, you think they'd do a mix [of different types of contracts] so they can work out any kinks in the system. I think that is a good thing, because if you left it to the [DOD] departments, you would run into the risk that there would be too many, too quick.”