The CMMC Program is designed to verify the protection of sensitive unclassified information shared between the Department and its contractors and subcontractors or generated by the contractors and subcontractors. CMMC increases assurance that contractors and subcontractors are meeting cybersecurity requirements applying to acquisition programs and systems processing CUI.
Resource Type: Rules
The FTC Safeguards Rule Amendment
The FTC’s Safeguards Rule amendment requires non-bank financial institutions to report when information affecting 500 or more people was acquired without authorization.
FTC Safeguards Rule 16 CFR Part 314
The Federal Trade Commission issued a final rule to amend the Standards for Safeguarding Customer Information (‘‘Safeguards Rule’’ or ‘‘Rule’’).
Public Company Cybersecurity Disclosures
The SEC adopted final rules requiring disclosure of material cybersecurity incidents on Form 8-K and periodic disclosure of a registrant’s cybersecurity risk management, strategy, and governance in annual reports.