Sum IT Up: CMMC News Roundup

CMMC officially goes into effect on November 10th, 2025, at which point all new DoD solicitations and contracts will include at least CMMC Level 1 status requirements. While the government shutdown might affect the pace of new contract awards, it doesn't change anything about the effective date of CMMC specifically. This week we're looking at the trickle of contract notices that are letting people know CMMC is very real and will absolutely be required (including level 2). Pathfinder 101: https://www.summit7.us/pathfinder Pathfinder Demo: https://youtu.be/JiDTCchfCa0?si=JJFplxSfvkaRVhRo NAVSEA (Level 2): https://sam.gov/workspace/contract/opp/0a92f866231546828b3fd11cf1146a8a/view USSOCOM (Level 1): https://sam.gov/workspace/contract/opp/eb3d38dd00e845579212f724b6dedd37/view USACE (Level 2): https://sam.gov/workspace/contract/opp/e0a817b5b7c74c319ebaa2df9cd3d637/view

The Senate has passed their version of the FY26 NDAA and they want annual contractor performance measurements to focus exclusively on “negative performance events”. Per the Senate Armed Services Committee that includes failing to meet cyber requirements, failing to flow down requirements to subcontractors, and submission of false claims (cyber). Add this one to the growing pile of evidence that the government really, really wants contractors to take cybersecurity seriously. Pathfinder 101: https://www.summit7.us/pathfinder Pathfinder Demo: https://youtu.be/JiDTCchfCa0?si=JJFplxSfvkaRVhRo Memo: https://dodcio.defense.gov/cmmc/Resources-Documentation/ Senate NDAA: https://www.congress.gov/bill/119th-congress/senate-bill/2296/text

Watch full webinar here: https://www.summit7.us/webinars/cmmc-phase-1-the-final-rule-is-here The start of CMMC phase 1 is just around the corner. Starting on November 10th, 2025, DoD contracting officers will begin inserting CMMC status requirements in new solicitations and contracts. We recently held a webinar on the CMMC final rule to get people up to speed so this week we're bringing you our key takeaways. If you want all the details, the webinar is available on demand (registration link is in the show notes). Find out where you are on your CMMC journey here: https://www.summit7.us/pathfinder

September has come to a close and despite all the moving parts, name changes, and other potential roadblocks, the CMMC program is humming along. Assessments are being conducted at a blazing pace, the AB staff is growing, and people are still not sure if they should identify as an ESP or CSP.On this week's show, we dig into the September Cyber AB Town Hall and break down all the important details you need to know! Summit 7 Live: https://www.summit7.us/S7Live Pathfinder 101: https://www.summit7.us/pathfinder Pathfinder Demo: https://youtu.be/JiDTCchfCa0?si=JJFplxSfvkaRVhRo AB Town Halls: https://cyberab.org/News-Events/Town-Halls/Details/march-town-hall

DFARS clause 252.204-7021 goes into effect on November 10th, 2025, but there's more under the hood than just the text of the contract clause. Contracting officers have an entire set of procedures they must follow that dictate when and if the 7021 clause should be included in a defense contract at all. In this episode we're looking at the other side of the coin to the infamous CMMC DFARS clause. Final Rule Webinar: https://www.summit7.us/webinars/cmmc-phase-1-the-final-rule-is-here?hsCtaAttrib=195767465874 Summit 7 Live: https://www.summit7.us/S7Live Pathfinder 101: https://www.summit7.us/pathfinder Pathfinder Demo: https://youtu.be/JiDTCchfCa0?si=JJFplxSfvkaRVhRo 2025 CMMC Final Rule (48 CFR): https://www.federalregister.gov/documents/2025/09/10/2025-17359/defense-federal-acquisition-regulation-supplement-assessing-contractor-implementation-of DFARS 7008: https://youtu.be/vgrRGIWboKc?si=chKYMNRUea9eqpn- DFARS 7012: https://youtu.be/cy4e28YAkXU?si=OO3IEXYvfGqZQ3op DFARS 7019: https://youtu.be/7gW_82Cus7Y?si=IT2ORlBlZELxxbdu DFARS 7020: https://youtu.be/D4JLkfvB-Ws?si=-hMhIq6dJLxu1NU4 DFARS 7025: https://youtu.be/LtJK-CHuyp8?si=A6WoUGBEEgVxp5Jx DFARS 7009: https://youtu.be/kfecRRrd41w?si=PNXrbcvRLHc5GoUg 32 CFR 170 Webinar: https://www.summit7.us/webinars/cmmc-32-cfr-final-rule?_gl=1*1qpc6eg*_up*MQ..*_gs*MQ..