Our Website Uses Cookies 

We and the third parties that provide content, functionality, or business services on our website may use cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, on and off the website, and help us understand your interests and improve the website.

For more information, please contact us or consult our Privacy Notice.

Your binder contains too many pages, the maximum is 40.

We are unable to add this page to your binder, please try again later.

This page has been added to your binder.

DOD's Haste May Spell Turbulent Start For Cybersecurity Plan

October 24, 2019, Law360

Susan Cassidy spoke with Law360 about the Department of Defense’s goal for its Cybersecurity Maturity Model Certification (CMMC) and its impact on join bid contractors.


Ms. Cassidy says such teaming arrangements are already complicated and can take years to put together for big defense procurements. Although the DOD has said cybersecurity compliance will be considered an allowable cost for defense contractors, not all contractors have cost-basis contracts, she noted. Commercial suppliers in particular often sell through fixed-price deals and may decide the burden of doing business with the DOD no longer makes sense, and that is just the tip of the iceberg for the uncertainty around the plan. She adds, “The overall point is that the devil is in the details here.”

Share this article: