The Defence Industrial Base encompasses over 300,000 US companies that design, manufacture, and supply goods and services to the Department of Defense — and collectively represent a high-value target for adversaries seeking to compromise defence capability through supply-chain infiltration rather than direct attack. CMMC 2.0, DFARS clause 252.204-7012, and the associated NIST SP 800-171 requirements mandate that all DIB organisations handling Controlled Unclassified Information implement verified cybersecurity controls, with non-compliance resulting in contract ineligibility.
DIB