Search
Logo
Federal Cyber Brief
Sign Up
Login
Home
Guides
About
Archive
Federal Cyber Brief

Archive

All of our previous posts

News

DoW Suspends CMMC Phase 2 — Your Audit Is Off, Your Liability Isn't

Jul 14, 2026

•

3 min read

DoW Suspends CMMC Phase 2 — Your Audit Is Off, Your Liability Isn't

Third-party assessments are frozen and a 60-day review may rewrite the program entirely. DFARS 252.204-7012 and your SPRS affirmation still bind

Weekly Brief

Rev 3 Is Coming to CMMC — and the Interim Rule Is Due This Month. Plus 15 Vetted Contracts

Jul 14, 2026

•

6 min read

Rev 3 Is Coming to CMMC — and the Interim Rule Is Due This Month. Plus 15 Vetted Contracts

The Unified Agenda shows DoD adopting an interim final rule this month to move CMMC from NIST 800-171 Rev 2 to Rev 3 — and it takes effect on publication. Here's what changes and how to prepare. Plus 15 vetted opportunities, including two rare small-business set-asides on classified Air Force infrastructure.

News

CMMC's Rev 3 Deadline Rule Is Due This Month

Jul 13, 2026

•

3 min read

CMMC's Rev 3 Deadline Rule Is Due This Month

The Unified Agenda shows DoD adopting an interim final rule in July that sets the transition from NIST SP 800-171 Rev 2 to Rev 3. Interim final rules take effect on publication.

News

Fixed-Price Is Now the FAR Default — and T&M Contracts Are in Scope

Jul 9, 2026

•

3 min read

Fixed-Price Is Now the FAR Default — and T&M Contracts Are in Scope

Agencies must update class deviations by July 15. For small IT and cyber firms living on time-and-materials work, the risk shift starts now.

Guide

SPRS Scores: How to Calculate and Report Yours

Jul 9, 2026

•

5 min read

SPRS Scores: How to Calculate and Report Yours

Your SPRS score runs from -203 to +110 and can gate a DoD award. Here's how the scoring works, how to calculate yours, and how to report it correctly.

Weekly Brief

The FAR Just Rewrote Civilian CUI Rules. You Have Until July 23 — Plus 15 Vetted Contracts

Jul 7, 2026

•

6 min read

The FAR Just Rewrote Civilian CUI Rules. You Have Until July 23 — Plus 15 Vetted Contracts

The FAR Council folded civilian CUI rules into Part 40: NIST 800-171 Rev 3, 72-hour incident reporting, one standard form. Comments close July 23. Plus 15 vetted opportunities — including DOJ's managed-attribution buy and an Interior Cisco IDIQ set aside for small business.

Guide

The DFARS Cyber Clauses, Decoded: 7012, 7019, 7020, 7021, and 7025

Jul 2, 2026

•

5 min read

The DFARS Cyber Clauses, Decoded: 7012, 7019, 7020, 7021, and 7025

Five DFARS clauses govern cybersecurity in DoD contracts: 7012, 7019, 7020, 7021, and 7025. Here's what each one requires and how they fit together.

Weekly Brief

The Post-Quantum Executive Order: What the 2030 Contractor Deadline Means — Plus 15 Federal Cyber Opportunities

Jun 30, 2026

•

5 min read

The Post-Quantum Executive Order: What the 2030 Contractor Deadline Means — Plus 15 Federal Cyber Opportunities

A June 22 executive order gives federal contractors until December 31, 2030 to go quantum-safe. Plus this week's full pipeline: a DoD water-plant OT contract, a VA patient-safety system, State Dept vetting work, and 12 more — curated for small business.

News

FedRAMP's CR26 Overhaul Is Here — and It Changes How You Vet Cloud Tools for CMMC

Jun 29, 2026

•

3 min read

FedRAMP's CR26 Overhaul Is Here — and It Changes How You Vet Cloud Tools for CMMC

FedRAMP released its Consolidated Rules for 2026 on June 25, effective July 1. Authorizations become certifications, impact levels become classes, and the labels you rely on to evaluate SaaS for a CMMC Level 2 assessment are changing.

Load more

Federal Cyber Brief

Follow on LinkedIn for daily GovCon intelligence

SUBSCRIBE TO OUR NEWSLETTER

Weekly intelligence for federal IT & cybersecurity contractors. Cleared to Bid.

© 2026 Federal Cyber Brief.
beehiivPowered by beehiiv