Bob Metzger, shareholder at Rogers Joseph O’Donnell, joins Off the Shelf this week and provides his incisive analysis and insights regarding the federal government’s cybersecurity framework. Metzger outlines the complex, ever-changing threat environment facing government and industry. From near peer adversaries to independent criminal elements, he frames the threat against the government’s ongoing program and regulatory cyber initiatives. Metzger analyzes the government’s underlying cyber strategy currently being implemented through procurement regulation, and he gives his take on the FAR’s cybersecurity regulations/clauses and the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) program. Metzger also shares his thoughts regarding the impact of the cyber regulatory framework’s impact on small businesses and the government’s long term access to commercial innovation, and whether the government should move to a more “performance-based approach” to cybersecurity versus the current more prescriptive model outlined in a host of proposed rules.