With the recent streamlining of the Cybersecurity Maturity Model Certification (CMMC) framework, the path to assure Defense Industrial Base (DIB) cybersecurity has changed dramatically from what was originally planned. There's a lot to learn about CMMC 2.0, but the objective remains the same: protect sensitive defense information from theft by our adversaries. The plan to achieve that objective now recognizes the challenges of fielding a small army of third-party assessors over a compressed timeframe and the business impact and cost on small and medium sized DIB organizations.