New U.S. cybersecurity certification rules are raising compliance costs for small defence suppliers, prompting some to reconsider military contracts. Industry leaders warn that delays, audit burdens, and regulatory confusion could strain production and weaken the resilience of the defense industrial base.