Blog

Cybersecurity Frameworks – A (Hard)Core Feature of The Ohio Data Protection Act

In 2018, Ohio – the home of the Rock & Roll Hall of Fame – enacted a cybersecurity law that rocked cybersecurity frameworks. The Ohio Data Protection Act (“ODPA” or the Act) creates a safe harbor for organizations that adopt one of ten cybersecurity compliance frameworks. This is unique. Most other state cybersecurity laws don’t… Read more »

Live Webinar: Impacts of New NIST 800-171 (Revision 2) on Government Contractors

Heather Engel, Chief Strategy Officer of Sera-Brynn, will join Scott Edwards, Summit 7 Systems President, to discuss the highly-anticipated revision to NIST SP 800-171. NIST 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, was first published in December 2016 (and updated in June 2018).  Under Defense Federal Acquisition Regulation Supplement (DFARS), all U.S…. Read more »

Oversight is Coming – Part 2: DCMA to Assess Supply Chain Compliance with DFARS

Last week, we covered the DoD memo assigning DCMA audit responsibilities for marking CUI. The same memo indicates that DCMA will also be evaluating a contractor’s procedures for assessing supply chain compliance with DFARS 252.204-7012. Today we are taking a deeper dive into what that means and what a supply chain assessment looks like. As… Read more »

Oversight is Coming: How to Prepare for a DCMA Supply Chain Audit

This article is the first in a two-part series. On January 21, 2019 the DoD released a memo requiring DCMA to validate contractor procedures for supply chain management. If you are a prime or sub on Department of Defense contracts, then your contracts are already subject to DCMA administrative oversight. This new memo adds to… Read more »

Sera-Brynn Now Certified to Privacy Shield Framework

Suffolk, VA, April 17, 2019 — Sera-Brynn, LLC, a global leader in cybersecurity compliance and risk management, today announced it has been added to the Department of Commerce’s list of self-certified Privacy Shield participants. The Privacy Shield designation confirms that Sera-Brynn complies with the framework for the private and secure transfer of personal data from… Read more »

Kicking the Tires on FedRAMP

Straight talk about whether FedRAMP accreditation is right for you. In the world of FedRAMP, you are either a cloud service provider (CSP) or a user of cloud services. Many of our CSP clients are asked about FedRAMP accreditation. In some cases, a government user has told them they should be FedRAMP accredited. This is… Read more »

Cybersecurity’s 3-Million-Person Workforce Shortage is Now a Risk Management Problem

Cybersecurity’s 3-million-person workforce shortage is now a risk management problem. The cybersecurity workforce needs and wants you!  Good news for many of us – but from an employer or strategic workforce planning perspective, this is problematic. There’s now a shortage of people qualified to protect data, systems, and operations. Worldwide, the cybersecurity workforce shortage is… Read more »

Guided by Motto “Cybersecurity is a Team Sport,” Sera-Brynn’s New Fractional CISO Service Takes Off

There’s a need for coordinated, cohesive teams of cyber talent. Suffolk, VA, March 19, 2019 — Sera-Brynn, LLC, a global leader in cybersecurity compliance and risk management, launched a new service in 2019: the Fractional Chief Information Security Officer (FCISO).  Sera-Brynn believes the popularity of the FCISO service is due to the cybersecurity skill set… Read more »

Understanding the Red Team Cycle

… and avoiding the “one and done” mentality in cybersecurity decision-making. The term Red Team is being used loosely as another term for penetration testing, though it is generally not being used as a solid business planning tool for improving an organization’s overall security. The relationship between doing a Red Team exercise… Read more »

Cybersecurity is a Team Sport: Why a Fractional CISO Makes Sense to Manage Cyber Risk

We live in a sharing economy. Almost anything can be had for a fraction of the cost of ownership. Need a ride? You can use Pace for bikes, Lyft or Turo for cars, or Lime for scooters. Need cash? Shared residential wi-fi? (Try Fon.) How about a shared puppy? (Fractional cuteness at Share A Dog.)… Read more »