DFARS 7019 & 7020 Are Gone: How to Stay CMMC Compliant
Understand the DFARS/FAR overhaul, what replaced 7019 & 7020, and how to stay compliant without second-guessing your contracts.
- Tuesday, March 3rd, 2026
- 12:00 PM – 1:00 PM ET
- Online event
Watch the Recording
Read the Recap
DFARS Clauses Changed – The Burden of CMMC Proof Did Not
The latest clause updates may look administrative, but the message from industry experts is clear: the government still expects contractors to prove they are doing what they say they are doing. The February 1 DFARS and FAR clause changes have prompted a familiar question across the defense industrial base: does
Missed this one?
We’ve got more coming. Be the first to know.
Recent class deviations quietly reshaped the DFARS cybersecurity landscape as of February 1, 2026. Familiar clause numbers have disappeared, new ones have taken their place, and CMMC enforcement continues moving forward.
Join Alluvionic’s cybersecurity experts for a clear, practical breakdown of what changed, what didn’t, and how contractors should respond.
What You’ll Learn
- What the Revolutionary FAR Overhaul class deviation actually changes.
- Why DFARS 7019 was eliminated, and how 7020 became 252.240-7997.
- How FAR 52.204-21 becoming 52.240-93 impacts contracts and audits.
- What “no more basic self-assessments” means in practice.
- How assessors and auditors are expected to interpret these changes.
- How to stay compliant without overreacting (or under-reacting).
Who Should Attend
- Defense Contractors / Organizations Seeking Certification (OSCs) preparing for CMMC requirements.
- Registered Provider Organizations (RPOs) supporting clients in the defense sector.
- Managed Service Providers (MSPs) serving the Defense Industrial Base (DIB).
- Cybersecurity and compliance leaders managing readiness or contract obligations.
If your team is seeing unfamiliar clause numbers in contracts or preparing for upcoming CMMC enforcement, this briefing is for you.
Featured Speakers
Elizabeth “Lizi” Huy
EVP of Commercial Services, Alluvionic, Inc. | Cyber-AB Registered Practitioner (RP)
Leads Alluvionic’s commercial cybersecurity strategy and client engagements, specializing in compliance and project management. Lizi will be moderating this webinar.
Roberto “Bobby” Padilla
Information Security Director, Alluvionic, Inc. | CMMC Certified Professional (CCP)
30+ years of cybersecurity experience across military and commercial sectors; leads Alluvionic’s CMMC service practice supporting 140+ clients.
Eric Levitas
VP of Business Development, ControlCase | Global Provider of Compliance as a Service (CaaS)
Cybersecurity and federal market specialist with over a decade of experience supporting government contractors in CMMC and FedRAMP compliance. Works closely with RPOs, 3PAOs, and C3PAOs to help DIB organizations strengthen security posture and achieve certification.
Set Your Business Up For Success
The race to compliance has already begun—don’t fall behind. Alluvionic’s experts provide cybersecurity support and focused change management. We minimize disruptions, ensure smooth adoption, and set your business up for success.
Read The Latest CMMC NEWS
2026 GAO Report Finds Critical Concerns with CMMC Ecosystem
The Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) program is officially underway. Requirements are now appearing in contracts, and the phased rollout is accelerating across the defense industrial base
Webinar Recap: Your CMMC Certification Playbook (and Pitfalls to Avoid)
For contractors across the defense industrial base, the CMMC timeline is moving faster than expected. In the recent webinar, “Your CMMC Certification Playbook (and Pitfalls to Avoid),” the presenters discussed
DFARS Clauses Changed – The Burden of CMMC Proof Did Not
The latest clause updates may look administrative, but the message from industry experts is clear: the government still expects contractors to prove they are doing what they say they are