Blogs & Analysis

The Heavyweight Rules and Concepts You Need to Know About FedRAMP

The first rule of FedRAMP is … You do not talk about FedRAMP! (Sorry, that’s of course a quote from Fight Club, a movie about an insomniac office worker looking to shake things up with, well… fighting.) The real first rule about FedRAMP is that companies should attain the certification to show that their cloud… Read more »

What Cyber Framework Should My Organization Follow?

What are Security Frameworks? Security frameworks provide a calculated approach to determining risk, setting up a security strategy, and allocating security resources. They are (or should be) measurable, repeatable, and are often standardized by industry. With all the frameworks available…NIST, ISO, NERC CIP, PCI…which is right for your organization? Well the answer is…it depends. Where… Read more »

A Cybersecurity Checklist for GDPR

Where Does Cybersecurity Fit into GDPR? By Heather Engel, Sera-Brynn Chief Strategy Officer. By now most everyone has heard of GDPR, or at the very least been bombarded by pop-up messages asking you to accept cookies and confirm access to your data as you surf the web. But if you are responsible for the security… Read more »

Why does your organization need a CISO?

By Crystal Silins, Senior Security Analyst. Most companies today employ a Chief Information Officer (CIO) or Chief Technology Officer (CTO), an executive responsible for all things IT for the organization. The CIO or CTO typically reports directly to the CEO, and educates executive management and employees on the business value and risk that IT systems… Read more »

Digital Privacy and Apple Pie

By Colleen Johnson, Senior Cyber Legal Analyst, Sera-Brynn. Thoughts on the American perspective on privacy, its revolutionary origins, and that Gosh Darn Privacy Regulation, GDPR. Supreme Court Justice Louis Brandeis is often credited with articulating the American perspective on the right to privacy. It was 1890. He called it “the right to be let alone.”… Read more »

What Cybersecurity is Really About in 2018

By Rob Hegedus, CEO, Sera-Brynn. It’s not about the technology, it’s about insurability. With the implementation of GDPR, the inevitable FAR-wide adoption of NIST 800-171 standards (already mandatory for Department of Defense contractors), and the latest news on cybersecurity legislation from New York and South Carolina, the global business community as a whole is slowly but… Read more »

IN THE NEWS: Cybersecurity in the Global Shipping and Logistics Supply Chain

Virginia Business recently published a commentary by Sera-Brynn on cybersecurity in the global shipping and logistics supply chain. The article covers some historic cyberattacks in the maritime and shipping industry, along with some cautionary notes on delivery drones, autonomous warehouse robots, and mass digitization of records in the highly transactional industries that make up the logistics supply… Read more »

GDPR: How EU Enforcement Works and Doesn’t Work

For non-EU-based companies, preparing for the new EU privacy law GDPR – the General Data Protection Regulation – can be stressful the first time around, and the threat of fines up to 4% of annual sales isn’t making it any better. The fact that you don’t fully know what kind of information your company and… Read more »

Dear Sara

Dear Sara, I am an IT Director at a small company here in Pennsylvania. I was browsing Twitter™ a couple of days ago and saw several references to GDPR, the General Data Protection Regulation. Apparently, it is some onerous requirement about European resident privacy. I mentioned it to our CEO, but she told me… Read more »

Live Webinar NIST 800-171 Compliance Higher Education / Research Institutions

Thursday, May 10, 2018, 2 – 3pm EST. Heather Engel, Sera-Brynn’s Chief Strategy Officer, will discuss the challenges colleges and universities face as they attempt to secure their cyber infrastructure to comply with new federal regulations as a condition of receiving research grants. Sera-Brynn is a top 10 global cybersecurity compliance firm. “Most… Read more »