Panel Discussion: CMMC and Cybersecurity

Reading time ( words)

The electronics manufacturing sector faces unique challenges when it comes to cybersecurity, given the highly sensitive nature of the information that it handles. With the introduction of the Cybersecurity Maturity Model Certification (CMMC) framework, businesses will soon be required to meet specific, more stringent cybersecurity standards to bid on Department of Defense contracts. This has made cybersecurity hygiene and CMMC compliance more important than ever for businesses in the sector, as non-compliance can result in lost revenue and reputational damage.

At the recent EMS Leadership Summit, held during IPC APEX EXPO 2023 in January, summit organizers arrange a panel discussion with three industry experts. The panel, moderated by Maribel Hernandez, followed a Question & Answer format. Panelists included: Vijay Takanti, Joaquin Hernandez, and Allen Anderson and discussed the details and intricacies of CMMC compliance, and how it can affect a business. The experts shared their insights into the challenges that businesses in the sector are likely to face, the specific requirements tied to CMMC compliance, and the steps that businesses can take to ensure that they are adequately protected and able to achieve compliance within the framework. This article, compiled by the participants, summarizes portions of the discussion from the summit event.

What’s the difference between cybersecurity and CMMC compliance?

Joaquin Hernandez: Cybersecurity is the practice of protecting computer systems, networks, and data from unauthorized access, theft, and damage. It's a broad concept that encompasses many different tactics, techniques, and procedures. The CMMC compliance, on the other hand, refers to the requirements set forth by the DoD to ensure that contractors are meeting a minimum level of cybersecurity readiness before being awarded contracts.

In other words, cybersecurity is the foundation upon which compliance is built. A company must have a solid cybersecurity posture that extends to cover compliance safeguards in order to achieve compliance. While CMMC compliance is a specific set of requirements that a company must meet to do business with the DoD, cybersecurity is a broader and ongoing practice that should be applied to all aspects of a company's operations to protect against cyber threats.

To read this entire panel discussion, which appeared in the April 2023 issue of SMT007 Magazine, click here.

01/16/2023 | Charlene Gunter du Plessis, IPC Education Foundation

IPC has a responsibility to its current members but also in attracting and retaining new talent to the electronics manufacturing industry. This is no more evident than in the STEM event hosted by the IPC Education Foundation at IPC APEX EXPO. For the 2023 event, more than 500 students from nearly a dozen high schools are expected to participate in hands-on activities, touring the show floor, and learning from industry experts. The Career Panel Luncheon will expand across the in-person event as we broadcast and stream to schools across the United States.

03/02/2022 | Tracy Riggan, IPC

EMS leaders gathered for the EMS Leadership Summit on Monday, January 24 at IPC APEX EXPO. Expert and peer presentations on priorities ranging from the economy to the supply chain, cybersecurity, and software were interspersed with peer-to-peer discussions on several key topics.

09/27/2019 | Andy Shaughnessy, I-Connect007

During the IPC Summer Meetings in Raleigh, North Carolina, I sat down with Tom Rovere, a materials and process engineer at Lockheed Martin in Owego, New York. We explored a panel discussion on bottom-terminated components (BTCs) that Tom participated in as well as the challenges and issues related to BTCs and the important role that designers play in that process.