After years of waiting, the U.S. Department of Defense (DoD) posted to the Federal Register for public inspection on Sept. 9, 2025, a final rule implementing the Cybersecurity Maturity Model Certification 2.0 (CMMC 2.0) standards into the Defense Federal Acquisition Regulation Supplement, formally published on Sept. 10, 2025. CMMC 2.0 is a fundamental shift in how the DoD approaches and implements cybersecurity requirements for controlled defense information.

The requirements are effective Nov. 10, 2025, and pertain to all DoD contractors and subcontractors. Defense contractors should ensure compliance with the standards as soon as possible to maintain eligibility to compete for DoD contracts and perform subcontracts, as well as avoid bid protests and/or civil False Claims Act allegations.

Read on to learn more about the final rule and its implications.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Edwin O. Childs Edwin O. Childs

As a leader of the firm’s Defense, National Security and Government Contracting industry team, Ned Childs is a government contract and investigations and enforcement attorney who represents companies across a wide range of sectors, including the defense, services, technology, and aerospace industries. His…

As a leader of the firm’s Defense, National Security and Government Contracting industry team, Ned Childs is a government contract and investigations and enforcement attorney who represents companies across a wide range of sectors, including the defense, services, technology, and aerospace industries. His practice, spanning more than a decade in Washington, encompasses a broad array of legal services, including government contract investigations, disclosures, and regulatory enforcement actions; bid protests and government contract disputes; government contract counseling; export licensing and enforcement; prime contractor-subcontractor disputes; corporate ownership and acquisition issues; and election law investigations and enforcement matters.

Read more about Edwin O. Childs
Show more Show less
Photo of Andrew Konia Andrew Konia

Andrew’s practice is singularly focused on protecting clients’ businesses and data, anticipating disputes, and strengthening their competitive position in the marketplace. As chair of the firm’s data privacy and security team, Andrew leads a nationally recognized team of professionals dedicated to protecting clients’…

Andrew’s practice is singularly focused on protecting clients’ businesses and data, anticipating disputes, and strengthening their competitive position in the marketplace. As chair of the firm’s data privacy and security team, Andrew leads a nationally recognized team of professionals dedicated to protecting clients’ systems, networks and data, managing information, and responding to cyber incidents.

Read more about Andrew Konia
Show more Show less
Photo of Abram J. Pafford Abram J. Pafford

Abe focuses his practice on protecting the rights and interests of companies and individuals who face disputes or conflicts with the federal government in its role as purchaser, prosecutor, and chief regulator. For more than twenty years, Abe has represented government contractors, participants…

Abe focuses his practice on protecting the rights and interests of companies and individuals who face disputes or conflicts with the federal government in its role as purchaser, prosecutor, and chief regulator. For more than twenty years, Abe has represented government contractors, participants in regulated industries, and companies and individuals targeted for federal investigation or prosecution, consistently achieving successful results for clients confronting difficult odds.

Read more about Abram J. Pafford
Show more Show less
Photo of Todd R. Steggerda Todd R. Steggerda

Todd Steggerda serves as McGuireWoods’ Deputy Managing Partner for Strategic Development, following service as the deputy managing partner for litigation where he oversaw and managed the firm’s litigation departments and roughly 500 litigators in the U.S. and the UK. He is the former…

Todd Steggerda serves as McGuireWoods’ Deputy Managing Partner for Strategic Development, following service as the deputy managing partner for litigation where he oversaw and managed the firm’s litigation departments and roughly 500 litigators in the U.S. and the UK. He is the former chair of the firm’s Government Investigations and White Collar Litigation Department, which Law360 recently selected for its prestigious “Practice Group of the Year” award. In a dynamic practice spanning nearly 25 years in Washington, Todd has resolved a diverse range of high-stakes government investigations, regulatory enforcement, and litigation matters, including dozens of matters investigated by the civil and criminal divisions of the Department of Justice, the Department of Defense, and numerous other federal and state agencies and investigative bodies.

Read more about Todd R. Steggerda
Show more Show less
Photo of Jack White Jack White

Jack is an accomplished trial lawyer and legal strategist who guides clients through complex challenges, including high-profile and sensitive litigation and government investigations. He focuses his practice on civil litigation, regulatory enforcement, and congressional investigations for clients in the defense, technology, federal contracting…

Jack is an accomplished trial lawyer and legal strategist who guides clients through complex challenges, including high-profile and sensitive litigation and government investigations. He focuses his practice on civil litigation, regulatory enforcement, and congressional investigations for clients in the defense, technology, federal contracting, higher and K-12 education, and other business sectors.

Read more about Jack White
Show more Show less
Photo of Jason M. Vespoli Jason M. Vespoli

Jason focuses his practice on federal and state procurement, government technology, bid protests and government contract disputes, and regulatory compliance. He utilizes experience in state government, government technology, and complex procurement to solve problems in innovative and efficient ways.

Read more about Jason M. Vespoli
Photo of Maura Naehr Maura Naehr

Maura is an associate in McGuireWoods’ Government Investigations and White Collar Group experienced in handling high-stakes government contracts bid protests and claims litigation, sophisticated government contracts transactional matters, and internal and government investigations involving federal procurement and regulatory compliance.

Read more about Maura Naehr
Photo of John Sullivan John Sullivan

John is an associate within the Government Investigations and White Collar Litigation group.

Read more about John Sullivan
Photo of James Dougherty James Dougherty

James C. “Jim” Dougherty is an accomplished government contracts and technology lawyer, with decades of experience as an in-house lawyer and law firm counsel. His practice focuses on the intersection of government contracts, technology law, and corporate compliance. He advises technology companies and…

James C. “Jim” Dougherty is an accomplished government contracts and technology lawyer, with decades of experience as an in-house lawyer and law firm counsel. His practice focuses on the intersection of government contracts, technology law, and corporate compliance. He advises technology companies and government contractors on a broad array of legal issues, including regulatory compliance, complex transactions, intellectual property rights, and litigation—particularly matters involving qui tam actions, contract claims, and bid protests at both federal and state levels.

Read more about James Dougherty
Show more Show less
Photo of Sophie Marsh Sophie Marsh

Sophie focuses her practice on government contracts and government investigations matters.

Read more about Sophie Marsh
Related Posts
SEC Voluntarily Dismisses Landmark Enforcement Action Against SolarWinds and its CISO
November 24, 2025
State AGs Step Up Enforcement: Recent Lessons from Privacy Law Enforcement in Connecticut and Nebraska
August 15, 2025
With Compliance Date for Reg S-P Amendments Looming, Is Your Firm Ready Yet?
June 5, 2025