In an attempt to bridge the gap until the Cybersecurity Maturity Model Certification program rolls out, the U.S. Department of Defense (DoD) recently released a memorandum signaling its increasing willingness to review contractor compliance with cybersecurity standards in its contracts and take action against noncompliant contractors. With insight from experts at Holland & Knight, Covington and McCarter & English, we discuss key components of the DoD’s memorandum and what lies ahead, and we offer practical advice for government contractors and sub-contractors to overcome common compliance obstacles. See our two-part series on getting started with CMMC: “Understanding Goals, Requirements and Challenges” (Jan. 27, 2021); and “How to Prepare and What to Expect From the Assessment” (Feb. 3, 2021).