Issue link: https://iconnect007.uberflip.com/i/1489269
52 SMT007 MAGAZINE I JANUARY 2023 Article by Divyash Patel MX2 TECHNOLOGY As I attend industry events and connect with the leaders of manufacturing companies in the Defense Industrial Base (DIB)—every- one seems aware that CMMC 2.0 rules are coming soon. I see a bit more activity and I'm fielding more questions. Some DIB contrac- tors are getting it, and that's good news. But there's also bad news: Too many still bet they can win a high-stakes game of "chicken" with the DoD. Running a business means balancing risk tol- erance and aversion. Many of us will take risks to grow revenues or achieve strategic goals; just as many of us want to avoid risk (especially in terms of expense) if the status quo is running well. at's a fancy way to say, "If it ain't broke, why fix it?" Normally, that's a legitimate ques- tion, but asking it requires you to know what "broke" looks like. When a piece of produc- tion equipment breaks, it's obvious. When it comes to your IT network, "broke" is anything but obvious. Your operations could be running along fine yet you have cybersecurity holes big enough to drive a truck through. at's just what the DoD wants to avoid. Will the Government Blink? When business leaders act as if they don't feel any particular urgency to hit the com- pliance deadline, I oen hear, "If enough of us don't comply, the government will blink. It will have no choice but to either kick the compliance deadline back again (it worked once, aer all) or maybe even exempt us small operators. e DoD is going to swerve first." at sounds like wishful thinking to me, and in the words of Vince Lombardi, "Hope is not a strategy." e DoD will not budge this time. Not for Levels One and Two—and those will cover the vast majority of small- and mid-sized contrac- tors. If for no other reason than credibility, the A CMMC 'Plan B'