Modernizing the Shop Floor: Security, Efficiency and Survival

Cole French:

Machine shops aren’t just bending metal. They’re handling some of the most sensitive technical data in the entire defense industrial base. From CAD models to engineering drawings flowing across shop floors, CUI lives everywhere in these environments. In this episode, we unpack what happens when cybersecurity requirements collide with real world manufacturing operations where legacy systems, tight margins, and decades old processes all meet the rising demands of CMMC.

Welcome to the Cyber Compliance & Beyond podcast, a Kratos podcast that brings clarity to compliance, helping you leverage compliance as a tool to drive your business’s ability to compete in any market. I’m your host, Cole French. Kratos is a leading cybersecurity compliance advisory and assessment organization, providing services to both government and commercial clients across varying sectors, including defense, space, satellite, financial services, and healthcare. Now, let’s get to today’s episode and help you move cybersecurity forward.

In today’s episode, recorded live at CUI-con in Orlando, we dig into what CMMC really means for machine shops and manufacturing environments across the defense industrial base. We start with one of the biggest challenges these shops face, handling engineering drawings, CAD models, and shop floor data that are inherently CUI and often stored on shared drives, emailed freely or accessed through decades old workflows that were never designed with security in mind.

We then explore why traditional paper-based processes create unnecessary risk and how moving to digital paperless workflows can dramatically reduce scope, cost, and operational friction. We break down the realities of shop floor access, the pervasiveness of CUI in manufacturing, and the mindset shift required for teams who have relied on printed job travelers and manual processes for years.

From there, we highlight the growing need for modern cloud-based ERP systems and why FedRAMP equivalency has become essential for tools that store or display CUI. We look at the risks of outdated on-prem ERP solutions, the cost and complexity of maintaining them, and the practical challenges shops face when migrating to a modern solution.

Finally, we examine strategies for minimizing long-term compliance costs, including reducing in scope devices, leveraging view only or thin client access on the shop floor, and eliminating paper wherever possible. We also unpack why some shops choose to migrate their historical data while others start fresh after years of unstructured or unreliable information.

Joining us for today’s conversation is Paul Van Metre. Paul is co-founder of ProShop ERP and a passionate advocate for the precision manufacturing industry. With over 30 years of experience, he champions machinists and shop owners as the heroes of our economy and inspires manufacturing leaders to embrace innovation and operational excellence on the three podcasts he is a host of. Paul’s journey includes co-founding a successful aerospace manufacturing company and helping develop ProShop’s revolutionary, ERP, MES, QMS platform. We hope you enjoy this episode.

Well, Paul, thanks for coming by our booth here at CUI-con to chat with us today. I know we’re going to talk a little bit about CMMC, but I think a lot of what we’re going to talk about is the machine shop or manufacturing environments and how CMMC ties in with that and other considerations. So if you want to get us started with, from a security standpoint, or even maybe more broadly than that, what are important things to think about and consider when we’re talking about manufacturing environments?

Paul Van Metre:

Well, first of all, Cole, thanks for having me here. Appreciate it. It’s our second year at CUI-con. It’s a great conference. There’s just so much to learn here so I’m trying to soak it up like a sponge and be a part of this ecosystem. My background is machine shops. I used to own a shop, our software now helps hundreds of shops run their operations and as CMMC has become a thing, we’ve gotten deeper and deeper into cybersecurity and having our tool be a compliance tool as well as an ERP and a QMS tool.

And so the majority of our customers, and I say majority, probably more than well over half, serve the DIB in some way. They’re making machine parts for the end user being the military and all levels of the supply chain. Some are probably tier ones, some are probably tier two, three, and even four, but they are getting CUI passed down to them, that is the main type of data that they use to make everything they make. So they are out there and also our customers are not exclusively machine shops, most of them are, but we serve any company that is doing complex manufacturing processes in a regulated industry.

Cole French:

So when you mentioned tier one, two, three, four, could you just go into a little bit what that means…

Paul Van Metre:

Means to me?

Cole French:

Yeah.

Paul Van Metre:

Some of our customers are directly serving the government, some are serving lower tiers of the supply chain. So maybe Lockheed Martin is the end customer for something and of course they’re selling it to the government, but our customer might be a direct supplier to Lockheed or maybe they’re supplying it to a contract manufacturer that’s building an upper level assembly and then outsourcing all the machined parts to someone like our customer so that they might be a tier three in that case.

Cole French:

Okay. So the tiers just relate to how far [inaudible 00:05:32] moves up.

Paul Van Metre:

[inaudible 00:05:33] different companies until it hits the prime or the government itself.

Cole French:

Got it.

Paul Van Metre:

Yeah.

Cole French:

Okay.

Paul Van Metre:

And so they’re sometimes many layers down. It might be a 25 person machine shop in the middle of Iowa, but they make defense articles because they are supplying their customer that then supplies Lockheed or Raytheon or Boeing or maybe the Navy directly or something like that.

Cole French:

Got it. Thank you for the clarification there. As far as what you guys, you kind of talked on the different types of environments, size, all that type of stuff. So I guess from a challenge perspective, for machine shops, what is the biggest or what are the biggest challenges that they face from a security perspective?

Paul Van Metre:

Yeah. So they of course are receiving technical drawings. They are receiving 3D CAD models that they use to then program the CNC machines that make all the parts that go into these defense articles and so all that is CUI, right? Those engineering drawings that have all the dimensions and you could reverse engineer that thing and make it yourself. Or certainly if you had the 3D CAD model, you can just program it and make it and then you have that item.

So they need to protect all those things and many of them have not come from a security posture frame of mind in the past, right? They get their files from their customers probably over email and then they just plop them on a server and it’s the E drive on their network and everyone can access it and the programmers use it and then they sometimes they print it out sometimes they keep it digital. And then on the shop floor, those employees that need to then make those things, those machinists, those inspectors, they need to use that data all day long as well. So that CUI is just pervasive through their environment.

Cole French:

And I can see just in you describing that, I think one of the challenges I see already with that and here at Kratos, we have a lot of manufacturing and stuff like that, and when we were working with some of our organization to help them get ready for CMMC several years ago, I think one of the challenges really was, I think when we think of security, we think of my laptop or this server, people work with these sort of end user computer systems. We don’t think of something on the shop floor. It’s like, I’m making this product or I’m doing whatever process is necessary to make this product, why would security even …

I think a lot of people don’t even think about that security might be a consideration in more ways than just, did we lock the front doors kind of thing and are we not just sending this out to anyone. What type of solutions or what type of implementations have you seen organizations put in place on the shop floor that’s kind of maybe helped them think more broadly about security, sort of addressing maybe the mindset within a machine shop and maybe you can just go into the mindset. Is that actually what I’m sort of thinking out loud about? Is that actually something that exists within the mindset of those working on a shop floor?

Paul Van Metre:

Well, across the entire organization in a typical shop, they’ve been hearing about CMMC for a lot of years now and it’s been pushed out and it’s been revved and they’re not sure if it’s actually going to be a real thing and they hope that it eventually will go away, but of course it hasn’t and now it’s law and so they’re waking up to, and some are leaning in faster and some are still somewhat CMMC deniers, that this doesn’t apply to me, I’m too small, but as we all know, it flows down the entire supply chain, so no matter what tier they’re at, like I described before, they’re going to have to deal with it.

So we are putting in place features and functions in our software to help them check off many of the boxes of the 110 controls of NIST 800-171. Obviously not all of them because there’s many things that are completely outside of an ERP that are physical and unrelated to our software, but we’re trying to build things in place that just help them be a bit more compliant from FIPS compliant, multifactor authentication directly in the product to password complexity rules to session timeouts and lots of other just little things, audit controls and logs.

But then of course the other big thing is they cannot store CUI in our cloud environment unless we are FedRAMP. So we are targeting by the end of Q2 of 2026 to have our FedRAMP moderate equivalency, so we’re just a few months away from that. So it’s been a big lift. It’s been a long expensive process, but we’re committed to that because our customers need to be able to use our product that way. So then the education piece comes to understanding where their CUI is, can they basically eliminate it from any local devices in their network? Can they put it all in our cloud and just have view only in most of their workstations? Are those workstations in scope or can they be more of a VDI type of situation where it’s just view only and there’s nothing ever stored processed or transmitted on that device, it’s just pixels on a screen that you can’t screen capture, you can’t download, you can’t print.

And candidly, some of those answers we’re still trying to figure it out ourselves. There’s a lot of just configuration at the client level that we don’t directly control, but we can advise on and maybe there’s other partner solutions that can help them do that in a less expensive, less cumbersome way. Because the reality is for a lot of these small shops, the bill that they’ve been told or they’re starting to pay is a massive bill and for a 25 person shop, dropping more than a hundred grand on doing this, that’s sort of cost prohibitive, and some of them don’t do enough defense work to even potentially make it worth the while, like the juice isn’t worth the squeeze.

Some of them are 100% or 90% defense, and in this case, they of course are going to have to do it, but there’s others that are just on the fence. And we’ve already seen the DIB shrink over the last decade and there’s also this inflection point of a lot of the shop owners of these companies are baby boomers. They’re hitting that sort of baby boomer retirement period and some of them are like, “You know what? I’m just going to close down the shop, sell it off, get out of the DIB.” And we just can’t have that because the supply chain is already too small, too fragile, and if we can play our part in helping those companies to decide to stay in the DIB, lean into it, do it in a cost-effective way, use that as a competitive advantage to go win a bunch of work, we want to help do that.

Cole French:

That’s a great point you bring up about cost and I think another part of this is there’s sort of an upfront cost, but there’s also the long term cost, right? It’s not just a, “Well, I paid $100,000, put this thing in place and I’m good to go.”

Paul Van Metre:

Of course.

Cole French:

It’s an ongoing cost. So with your solution, how are you guys helping … I know before recording this, we had talked about kind of a standard approach versus a low cost approach, right? And of course that’s the thing, that’s the trick with anything that’s low cost is typically it ends up costing you more in other ways. So how are you guys… Just dive into that a little bit, the standard approach versus maybe a low cost approach.

Paul Van Metre:

Yeah, of course. So the real standard approach is you have a completely on prem environment, right? You have an on prem ERP system all of your tools are on prem. You’re investing quite a bit in servers, you’re using Microsoft GCC licenses for anyone that might need an email account and as you grow and as you add people, you just keep stacking on those costs or having to rebuild servers, and then of course the labor maintenance of keeping all your software up to date and all these things.

And the approach, and candidly I said we’re still figuring out some of it, but can we deliver ProShop in a way that lets them get as close as possible to a zero CUI on premise environment, right? Take almost every workstation out of scope. Certainly they’re not … ProShop was designed decades ago to be a completely paperless system so there’s no printing of CUI anywhere, right? You can go from estimating and quoting a new job all the way through when you create a packing slip and an invoice where you never have printed a single thing. You’ve never printed the drawing, you’ve never printed work instructions, you’ve never printed anything that could be considered CUI.

So that helps, right? Because you don’t have that physical thing you need to handle. You don’t have lots of filing cabinets that now have to be managed and locked. Our clients largely can eliminate all their filing cabinets, right? So there’s truly pretty much no paper. So that can be a real cost savings. And then yeah, if we can deliver certainly out on the shop floor where they’re just mostly looking at a drawing as they machine something and they need to inspect it, if that can be just actually be out of scope, just a view only VDI type of thing and that’s where we’re still trying to figure out, do we need to actually use a VDI? Can we build something or have what we already built in ProShop to allow them to use a hardened browser in a workstation or a thin client that truly can’t save or screenshot or print or any of those things?

They may just start saving all the costs of that for every device that no longer is in scope. In a typical manufacturing shop like our clients, you might have 10 people in the office and 30 people on the shop floor and if you have 20 CNC machines, you’re going to have a device at every single machine, right? So that’s potentially 20 devices that no longer need to be encrypted and scoped and all the software and everything, and that can save potentially a ton of cost.

Cole French:

Absolutely. And I’m curious, you mentioned your solution really completely takes paper out of the equation, right? And some of the manufacturing or machine shops we’ve worked with in the past, one in particular comes to mind, the challenge they were facing was the way they had done all their machining process from beginning to end was essentially you print out all the drawings, you print out the specs and they go into a folder and that really just travels with whatever that thing is, the entire environment.

So I’m curious, how has it been working with organizations, I’m sure you’ve worked with organizations, to take them from an approach like that to an entirely paperless system? And from a business standpoint, from an operation standpoint, is that a challenge or have you guys seen that that’s gone pretty smoothly and pretty well or a variation?

Paul Van Metre:

Total across the board.

Cole French:

Yeah.

Paul Van Metre:

So ProShop was designed and built at a machine shop that I owned and started in 1997. So to date myself a little bit straight out of college, started a shop, basically paperless from day one. So we’ve been doing it for a long, long time and we’ve now helped many hundreds of shops go completely paperless. And sometimes they’re very eager and they just lean right into it and they get it and others have varying degrees of resistance.

And often there’s pockets in the shop, some, maybe the younger folks are super eager, they’re excited and the older folks that have been using paper for 50 years, they’re like, “No, I really want this printed copy of the drawing right in front of me, and I put on my reading glasses and I look at it closely. And as a guy that now wears reading glasses, I can appreciate that. But yeah, it definitely takes a mindset shift and it takes some leadership and change management at the top level for any big change like this.”

But the idea of getting rid of paper, going to a digital only environment where you do have a workstation at every place you add value, right? Every machine, every assembly bench, every inspection station, you’re now exclusively looking at the drawings on the screen, usually double monitors these days. So you have your work order on one screen, your drawing on the other, you can zoom in as tightly as you want, you don’t need those reading glasses. Everything is fully rev controlled. There’s no such thing as an obsolete rev that’s on the shop floor that you need to go retrieve and replace if customers change revs, customers change due dates, customers change quantities all the time, and then you have obsolete information on the shop.

So that dramatically reduces that. You can have much more real time information, it’s much lighter weight to make those kinds of changes to provide real time status and it just happens to be that that environment is really great for better cybersecurity compliance, right? So anyway, that’s maybe a long way of saying it’s nice that it dovetails into being more compliant, but there’s so many reasons why paperless is vastly better than having a paper based environment in a regulated machine shop contract manufacturing environment.

Cole French:

I hadn’t even thought about the … Yeah, because once you print something out, now it’s on paper and if you’re working with that, but somebody made a change to it or there’s an update or something like that, it could get lost, and it does get lost.

Paul Van Metre:

Yeah.

Cole French:

And that’s cost, right because [inaudible 00:19:26].

Paul Van Metre:

And you have problems with, you can’t understand people’s handwriting or they’re just scratching things on a piece of paper that then get lost and you try to scan it in the end, but you don’t have that anymore. And so you have this tribal knowledge in people’s heads that is now lost. Or maybe it gets scanned perfectly and you put it in a filing cabinet, but it’s misfiled and now you have to search through dozens of filing cabinets to find this old job traveler that you made that had all these critical details on it that if you never find it, you have to recreate them, and that’s time and cost and scrap and hassle and so you just eliminate all those things.

I was at a customer and they told a story in their old system that was paper based how they completely lost a job traveler. They had to basically remake the parts because it had all the traceability associated with it and then months later they found it way high up on a cabinet in the bathroom. So these things happen. It just happens or they get spilled with coffee or coolant and they blow out the window if the door is open, so it’s just we think we’re big advocates of going paperless anyway and it just happens to be a lot safer from cybersecurity.

Cole French:

Yeah. So it’s one of those times where kind of those two things, actually a good example of how those two things kind of come together. Now one thing that stuck out to me and things I’ve seen with machine shops and stuff like that is sometimes the equipment on the shop floor is maybe… Or I guess maybe the question I’m thinking of is do you have issues with compatibility?

Paul Van Metre:

Right.

Cole French:

So you have these systems… So it sounds like what you guys do is there’s actually systems or computers, I guess, at each of the different points that’s necessary and that’s where you interact with whatever the drawings and stuff are. I know I’ve seen machine shops in the past where there’s sort of machines on the shop floor that have maybe old versions of old operating systems, things like that, that are part of an ERP solution. So have you guys encountered stuff like that? How do you deal with maybe machines that are more like operational technology or are no longer supported, stuff like that?

Paul Van Metre:

Yeah. I mean the actual workstations that they’re accessing ProShop on can be a very modern solid state device. Maybe if it’s in a Windows environment, it’s fully controlled by the domain controller and you can manage all your updates automatically through the network and make sure nothing is obsolete. All your software is current because all you need is a browser. We’re not tied to an actual operating system that existed years ago.

Some ERPs still do. I was talking to somebody yesterday and they’re still running a version of Windows NT from so long ago and their ERP, they’re in this old on prem ERP that was never upgraded to support Windows, let alone Windows 10 or 11, but anything prior to that either. The actual hardware, the actual device, the computer itself, obviously that now needs to be a computer that maybe has chips built in the right countries and is on an approved list. So that is something that a shop would absolutely need to consider as they would with their wifi network and cameras and anything else they have in the shop.

Cole French:

Yep. One thing actually that came to mind as you were talking about that and we’ve worked with customers that are using ERP solutions and actually they’re struggling with, we have this ERP solution and it’s like fully embedded within our organization. We use this for everything, but it’s on prem, it’s dated, maybe even in some of these cases not even supported anymore and it’s like, we put it over here in a box and nobody can touch it because it might break, but it’s vital to our organization, but it’s not supported anymore so that creates security risks.

Paul Van Metre:

Absolutely.

Cole French:

So have you worked with organizations to migrate from those old ERP solutions?

Paul Van Metre:

The majority. Yeah, the majority, yeah. I mean we have clients that have never had an ERP but many of them have existing ERPs and they’re either one or two categories. They’re something that’s still current and modern that they just don’t like very well, that doesn’t suit their business as well as it once did perhaps and we have ones where either it was an off the shelf solution that is now really old and unsupported or they custom-made something themselves.

They hired a developer or someone that built their own custom in house ERP and that person’s now retired or gone and they’re buying computer parts off of eBay so they can keep those old servers running because they just can’t … And it is such a risky place, not even from a cybersecurity perspective only, the actual just operational what if this thing implodes one day and we lose all of our work order data for years.

Cole French:

Seriously.

Paul Van Metre:

Yeah.

Cole French:

And it’s all on prem, so all the data is right there, so you would lose all of that whereas you guys are a cloud based solution, so…

Paul Van Metre:

Sure, we do all the backups and all everything. Yeah. So migrating from old ERPs is something we do all the time. And hopefully their system has export capabilities because then you can bring a lot of that into the new system after you do cleanup I will say. It’s a bad idea just to wholesale export data into a new system because there’s a lot of garbage you’ll bring in. But yeah, if you can export, do a cleanup process, a pairing down to only really active relevant things and then bring that in, that’s a great strategy.

Cole French:

So maybe talk just a little bit more about when you work with organizations to migrate them from an old ERP to ProShop, kind of what’s the, at a high level obviously, but the step by step, what’s the process you guys go through with those organizations to get them … Because I can imagine if it’s something that’s so ingrained in how your business functions, it has to be a difficult process to migrate to a new solution, or at least I would think it could be a really difficult process.

Paul Van Metre:

Yeah. ERP migrations are famously known as one of the most painful things that a company can do and if you liken it to a medical procedure, it’s like a spinal cord replacement, that would be a difficult surgery, right?

Cole French:

Yes.

Paul Van Metre:

And a well integrated ERP should be that. It should be used by everyone in the company all the time. So yeah, it is hard. We try to make it as least hard as it can be, but it is still going to be hard. So practically speaking, CSV is the main mechanism to get data into our system if it’s going to be imported in. So there’s a process of exporting from the old system, again, cleanup and validation of data and making sure … If you’re bringing us across 20 years of records, you don’t necessarily need the actual job records from 20 years ago, you need the current active part numbers that you may have been selling for the last 20 years or the last five years or whatever.

So there’s certain types of data that are absolutely worth bringing in and others that maybe you can put it in some sort of neutral database format that you can query if you really needed to look up something from 20 years ago, but it’s not necessarily in the new system per se, but it’s also in a safer spot than that old ERP that the hard drives might crash and you might never be able to get anything off of it.

Cole French:

Makes sense. And I assume also it’s probably from an operational standpoint, so do you focus on getting all the data over and then working with ProShop once all that data is over or is it like, hey, we’re going to start from today forward, anything that’s new is coming in through ProShop and then you work in parallel to bring in all the old data, is that …?

Paul Van Metre:

It depends on what the customer wants and how they choose to do it. Usually there is a period of operating two systems at once, sometimes even the same job in both systems, just for that redundancy as they learn. And sometimes companies do that for many months and sometimes they just, once they have the confidence in the new system, they decide to cut off the old one pretty fast, even just in a matter of weeks. And they might take existing jobs and migrate those over even though they’re whip, they’re half done, they find value in bringing them into the new system and pulling any of the records from the old one and finishing that job out in ProShop.

And when a company has really long-running jobs that might take many months to go through the shop, that makes sense because you don’t … I mean, if you’re going to ship something nine months from now that you’ve already been working on it for a couple of months, it’s just a pain to have it finish out in your old system for nine more months and have two different systems of record. So there often is a real sort of hard line in the sand where at some point you say, “Nope, everything is now in the new system.”

Cole French:

So it sounds like migrating an ERP is sort of like CMC compliance where I think sometimes people want an easy button and it’s like, I just deploy this thing or I use this technology, but there’s always planning, thought that’s sort of the hard part of any of these types of things is you got to really get in there and you got to know the data, you got to know the information, you got to know your processes, you got to know what you’re doing, what’s coming up, all that kind of stuff. So there’s a lot of considerations you have to take into account.

Paul Van Metre:

So many. Yeah. There’s no easy button. If someone promises you there is, they’re lying to you. And quite honestly, sometimes we have clients where their old data is so messy and so unstructured in their current ERP that they just don’t bring over anything.

Cole French:

Really?

Paul Van Metre:

They just completely start from scratch, right? Or they bring over like their list of customers and vendors, but nothing job related because their jobs are such a just catastrophe and they’re outside the system or their routings never actually look like what actually happens on the shop floor and so why bring that data across? And through templates and certain other tools we have, it’s just far less hassle and effort to just sort of rebuild them from scratch as they enter new jobs or bring over an existing job. With 10 minutes work, you can have a fully beautifully laid out new plan that issues into work orders that could have taken you hours to try to bring across and cut and paste different things and fix all the patches and just have a mess.

Cole French:

Interesting. No, that makes a lot of sense. I guess as we wrap up here, and I appreciate you taking the time again to come over and chat, you mentioned you guys are pursuing or in the midst of FedRAMP equivalency, correct? You haven’t actually achieved it yet, but you’re…

Paul Van Metre:

We have not achieved it yet. Our audit is in early April of '26 and we expect it to take three or four months so it’s by no means over the finish line, but it’s looking very solid and we’re seeing the light at the end of the tunnel.

Cole French:

Awesome. And do you have plans to pursue formal FedRAMP authorization at some point in the future or is…?

Paul Van Metre:

Possibly. We do have one federal customer, although candidly they are on prem in their own environment, so we haven’t broached that conversation with them. And there may be other agencies or reasons that we could have a sponsor and of course with the 20X thing we may be able to get in the marketplace without a sponsor in the future too if that all comes together.

Cole French:

That’s the hope, and from a FedRAMP, we do a lot of FedRAMP work as well, and I know that’s been a pain point with the FedRAMP. In the FedRAMP world is you have to have an agency sponsor so it’s difficult to get in and to … But I think what you guys are doing is definitely for all the things that you articulated so well earlier in the DIB and with these CMMC requirements, FedRAMP authorization or equivalency being required for cloud systems, it’s important that we’re able to get systems like yours, I think, out there so folks can use them because like you’ve described here, it’s not just a security thing, but it’s also how do we help these folks operate in a more efficient and cost-effective manner, which I think you covered really well.

Paul Van Metre:

Absolutely. Well, it’s not just a national security like we don’t want China copying our secrets, we need to have a strong manufacturing base in our country just for our own economy, right?

Cole French:

Exactly.

Paul Van Metre:

People can’t see it, but the shirt I wear and always wear, thank a machinist. I am so passionate about everything in the world starting with a machine shop one way or another. There’s no doubt about it. From the chairs we’re sitting in to the microphones we’re using, your glasses, like it started in a machine shop and over the last many decades we’ve lost a lot of that capability and a lot of those companies and we need to rebuild that right now that’s happening.

CMMC is pushing compliance in a way that really should have been in place years ago so we don’t lose a lot of our technical secrets. But yeah, the industry, the shops out there, they’re mostly family run businesses. They are good salt of the Earth people building the most fundamental part of our economy and they need good tools that are cost-effective, allow them to do what they do with a passion and we very much want to be a part of that to help build up that just so essential manufacturing base.

Cole French:

Absolutely. Well, Paul, I really appreciate you coming over to chat with us about this. I really enjoyed this conversation. Like I said, this is a topic we’ve come across, but it’s one I think we’re still learning about as well. So really appreciate your perspective and educating us on this topic.

Paul Van Metre:

Well, thanks for doing what you’re doing as well to help get these companies over the finish line and successfully in the CMMC DIB and making parts for our nation.

Cole French:

Yeah. Thank you. Appreciate it. Thanks, Paul.

Paul Van Metre:

Yeah, appreciate it.

Cole French:

No problem.

Thank you for joining us on the Cyber Compliance & Beyond Podcast. We want to hear from you. What unanswered questions would you like us to tackle? Is there a topic you’d like us to discuss or you just have some feedback for us? Let us know on LinkedIn and Twitter at kratosdefense or by email at ccbeyond@kratosdefense.com. We hope you’ll join us again for our next episode and until then keep building security into the fabric of what you do.