Aerospace and Defense Insights | New Department of Defense rules significantly heighten cybersecurity compliance requirements

Through Aerospace and Defense Insights, we share with you the top legal and political issues affecting the aerospace and defense (A&D) industry. Our A&D industry team monitors the latest developments to help our clients stay in front of issues before they become problems, and seize opportunities in a timely manner.

On 29 September 2020, the Department of Defense (DoD) issued an interim rule amending the Defense Federal Acquisition Regulation Supplement (DFARS), Assessing Contractor Implementation of Cybersecurity Requirements (DFARS Case 2019–D041), 85 Fed. Reg. 61,505 (29 September 2020), available here. The interim rule establishes a two-pronged approach to assess and verify the Defense Industrial Base’s (DIB) ability to protect Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) on contractor information systems or networks based on: 

  • The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 DoD Assessment Methodology; and
  • The Cybersecurity Maturity Model Certification (CMMC) framework. 
Read More: Aerospace and Defense Insights | New Department of Defense rules significantly heighten cybersecurity compliance requirements


Download PDF Back To Listing
Loading data