The US Department of Defense (DOD) has implemented the Cybersecurity Maturity Model Certification (CMMC) program as of November 2025. The final rule implementing CMMC established new cybersecurity requirements for federal contractors and subcontractors and, resultingly, heightened the risks of noncompliance, including potential False Claims Act (FCA) risks.
Morgan Lewis Government Contractor Guidebook
YOUR GUIDE TO THE ISSUES THAT MATTER TO GOVERNMENT CONTRACTORS