Sera-Brynn is a leading independent assessor within the DIB community, having performed extensive audits and advisory services for companies ranging from those on the Forbes list of America’s largest public companies to small businesses.
We work with companies to enhance their security posture, plan for technology transformations, manage their supply chain, and achieve other cybersecurity objectives:
We are trusted advisors to companies providing defense solutions including:
- Construction and engineering
- Environmental solutions
- System integrators
- Space and aerospace technology
- Training solutions
- Key parts suppliers
The majority of our clients are long-term clients.
Defense Federal Acquisition Regulation Supplement (DFARS) Services
As compliance with DFARS clause 252.204-7012 is a condition of receiving U.S. Department of Defense (DoD) contracts, there is no shortage of consultants, accounting firms, and others offering DFARS and NIST 800-171 gap-assessments and reports.
Sera-Brynn is different.
Sera-Brynn has been performing audits against the NIST controls since 2015. We have developed System Security Plans, Incident Response Plans, Risk Assessments, and Plan of Action and Milestones (POA&Ms) since 2015.
Most importantly, we work with companies to understand and interpret the NIST controls in a way that fits the risk profile of the company.
We have a deep knowledge base.
Our law firm partners inform us of the consequences of failing to comply with DFARS 252.204-7012 (including breach of contract, liability under the False Claims Act, Whistleblower Actions, termination, liquidated damages, suspension or debarment by the Government for failing to make mandatory disclosures or failing to perform in accordance with the Government contract).
Our analysts regularly communicate with contracting officers and, in some cases, the Department of Defense CIO, to seek clarifications on NIST controls and how they apply to a business environment.
As opposed to some consulting models, we “hire hard and manage easy.” Cybersecurity compliance is our expertise and our analysts and auditors reflect that expertise.
Specialized Incident Response Services
In the event of an incident, Sera-Brynn offers full-service incident response services to all our clients on a priority basis. Our technical team is deeply knowledge about incident reporting requirements within the Defense Industrial Base, and will assist with coordinating, as necessary, with:
- Reporting to the Department of Defense CIO
- Law enforcement
- Legal Advisors
- Crisis Communication Firms
- Vulnerability Assessments and Penetration Testing
- Tabletop exercises of incident response plans
- Senior leadership briefings and training
- NIST SP 800-53- based Risk Assessments
- Compliance advisory services such as mapping compliance frameworks (e.g., GDPR, ISO 27001, HIPAA)