As Crowell covered in a recent alert, the Department of Defense (DoD) on October 11, 2024 released a final rule (the “Final Program Rule”) formalizing the requirements, assessment processes, and related governance for its Cyber Maturity Model Certification Program (CMMC).Continue Reading CMMC Final Rule Includes M&A Trigger for New Assessment

Sarah Burgart
Cybersecurity Matured: DoD Finalizes Cybersecurity Maturity Model Certification (CMMC) Program
On October 11, 2024, the Department of Defense (DoD) released a final rule (the “Final Program Rule”) formalizing the requirements, assessment processes, and related governance for its Cyber Maturity Model Certification Program (CMMC).[1] Continue Reading Cybersecurity Matured: DoD Finalizes Cybersecurity Maturity Model Certification (CMMC) Program
DOJ Announces Safe Harbor for Acquirers Who Disclose Pre-Acquisition Misconduct
On October 4, 2023, Deputy Attorney General (DAG) Lisa O. Monaco announced the Department of Justice’s (DOJ) new safe harbor policy for voluntary self-disclosures made in connection with mergers and acquisitions (Safe Harbor Policy). Following other announcements from DOJ over the past two years aimed at encouraging voluntary self-disclosures, the Safe Harbor Policy was adopted because DOJ does not want to “discourage companies with effective compliance programs from lawfully acquiring companies with ineffective compliance programs.” Through this new policy, DOJ is aiming to incentivize acquirers to timely disclose misconduct discovered during the M&A process (including pre-closing diligence and post-closing integration).Continue Reading DOJ Announces Safe Harbor for Acquirers Who Disclose Pre-Acquisition Misconduct