While the DoD charts a path forward on CMMC, the USG is emphasizing the need to comply with existing cyber obligations in government contracts and taking steps to enforce compliance with those obligations.
The June 16 Memo comes amid increased False Claims Act scrutiny pursuant to the DoJ’s Civil Cyber-Fraud Initiative, the impending rulemaking enhancing CISA’s role to oversee cyber incident reporting in critical infrastructure, and new requirements for federal contractors to demonstrate they securely develop software which will be used by federal agencies.
When read together, these developments should hasten organizations’ cybersecurity compliance efforts to ensure the sustainment of DoD contract revenue.
