GSA’s New CUI Requirements: What CMMC Contractors Need to Know Published: May 18, 2026 On January 5, 2026, the U.S. General Services Administration (GSA) signed Revision 1 of an internal IT security procedural guide titled Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations Process — document number CIO-IT Security-21-112. The guide establishes a
NIST SP 800-172 Revision 3 Is Final: What It Means for CMMC Level 2 and Level 3 Published: May 15, 2026 NIST SP 800-172 Revision 3 is the updated set of enhanced security requirements for protecting Controlled Unclassified Information (CUI) associated with critical programs and high-value assets. Published on May 13, 2026, it replaces the
If your company handles Controlled Unclassified Information (CUI), you have probably seen CMMC and NIST SP 800-171 mentioned in the same conversation. That is one reason so many contractors assume they mean the same thing. They do not. The short version is simple: NIST SP 800-171 tells you what security requirements to implement. CMMC is
10/10/2025As the federal government shutdown reaches Day 10 with no resolution in sight, defense contractors are asking a critical question: Does this shutdown impact the November 10, 2025 CMMC implementation deadline? The short answer: No. CMMC requirements remain on track. Here’s what defense contractors need to understand about how the current government shutdown affects – or more
CMMC: Phased Rollout TimelineAfter years of delays, CMMC is finally launching. Six years, ten months, and 26 days after CMMC was first announced, the final rule putting CMMC into DoD contracts was published September 10, 2025. Starting November 10, 2025, the Department of Defense begins requiring cybersecurity certifications for contractors—and your company’s ability to win future
Page [tcb_pagination_current_page] of [tcb_pagination_total_pages]