First-Of-Its-Kind DFARS Offering Allows Any-Size Government Contractor to Achieve DFARS 7012 Compliance Efficiently and at Net Zero Cost
With more than 100,000 cyber attacks on Department of Defense (DoD) networks a day, it’s critical for contractors to safeguard information and report cyber attacks.
That’s why Sera-Brynn, a Virginia-based global cybersecurity auditor, has teamed with leading industry partners in the Financial Services sector to provide an innovative DFARS Compliance solution to government contractors that won’t cost them to become compliant.
In addition to providing a proprietary methodology to meet NIST 800-171 requirements simply and efficiently, Sera-Brynn’s holistic approach ensures the proper categorization of cost structures to help government contractor clients recoup the costs of compliance through GAAP, DCAA, and Federal Acquisition Regulation (FAR)/Cost Accounting Standards (CAS) approved processes.
All government contractors that perform work with the DoD, directly or indirectly, are required to comply with the Defense Federal Acquisition Regulation 252.204-7012 (Safeguarding Covered Defense Information and Cyber Incident Reporting). This rule covers protection of Covered Defense Information, or “CDI,” and reporting requirements in the event of a suspected compromise. Requirements for protecting CDI are outlined in NIST SP 800-171, and government contractors must be able to show proof of compliance by a December 2017 deadline.
“While DFARS compliance criteria may seem complicated and onerous, we’ve developed a proven process to help our clients meet their mandatory requirements with minimal disruption to business operations,” said Heather Engel, Sera-Brynn’s Executive Vice President of Risk and Compliance. “We understand this is yet another requirement being levied on the government contracting community, and while it is necessary to address growing cybersecurity concerns, our goal is to help them meet regulatory criteria and reduce risk with minimal hassle.”
As a globally recognized cybersecurity auditor staffed by former DoD contractors, Sera-Brynn is uniquely positioned to help clients meet and certify DFARS compliance.
“Most of our government contracting clients are concerned about the added costs incurred with meeting DFARS 7012 requirements, which is why our approach includes cost accounting support from our financial services partners to ensure they recoup those expenses,” said John Kipp, Sera-Brynn’s Chief Operating Officer. “Many don’t realize that if the government requires you to do it, then you should get reimbursed for it. Our one-stop-shop approach makes sure proper cost accounting practices are employed from the very beginning, resulting in a net zero cost for compliance.”
Engel said that many contractors will require six to twelve months of procedural updates and process implementation to achieve full compliance by the December 2017 deadline.
“Rather than wait until next year, we strongly recommend starting soon to avoid missing the deadline,” Engel said. “Additionally, while there will always be those that wait until the last minute, the ones that do get ahead of the curve will undoubtedly have a competitive edge.”
About Sera-Brynn: Headquartered in Suffolk, Va., Sera-Brynn is a global Cyber Risk Management firm with an international client base. The company is dedicated to helping clients secure their computing environments, pre- and post-breach, and meet applicable mandatory industry and government compliance requirements. Sera-Brynn is the only Payment Card Industry Qualified Security Assessor in North America directly partnered with a multi-billion dollar financial institution, and the firm works closely with the insurance industry, legal offices nationwide, crisis management firms, financial institutions and law enforcement at all levels to provide the most comprehensive protection to its clients.
Sera-Brynn’s clients include Fortune 1000 companies, healthcare, financial institutions, insurance carriers and re-insurers, higher education, municipalities and state governments, manufacturers, law offices, large retail establishments, technology enterprises, accounting firms, national non-profits, and international joint ventures.