Search Results for: NIST

PCI Compliance

There are a few reasons you’re here: 1. Your business accepts credit cards or cardholder data, and you need a QSA for advisory or auditing services. Contact us for a free consult. 2. You’ve been through a DSS audit and aren’t happy with your current QSA. 3. You have questions on segmentation, scoping, the right Self-Assessment… Read more »

DoD issues clarifying guidance on DFARS Clause 252.204-7012

2017 saw the release of additional guidance aimed at both contractors and procurement officers regarding the implementation of DFARS Clause 252.204-7012, “Safeguarding Covered Defense Information and Cyber Incident Reporting”. Here at Sera-Brynn, we’ve written extensively on aspects of this clause and the associated NIST Special Publication 800-171. 800-171 describes adequate security for Protecting Controlled Unclassified… Read more »

Equifax Breach and Compliance

Would Better Risk Management Based on DFARS/NIST 800-171 or the NY Financial Institution Rules Have Thwarted the Equifax Breach? By Colin Glover, Senior Security Analyst, Sera-Brynn, LLC. Recently, the credit rating company Equifax announced a huge breach impacting up to 143 million U.S. consumers, including their names, social security numbers, birth dates, home addresses and… Read more »

State of DFARS Compliance 5 Months From 31 Dec 2017 Deadline

As of Q2 2017, 87% of all defense contracts contained DFARS clause 252.204-7012. As of July 2017, 93% of Navy contracts, 83% of Air Force contracts, and 72% of Army contracts had the clause, with a goal of 100%. Source: Defense Procurement and Acquisition Policy. Based on non-attributable statistical data we have collected through our… Read more »

Risk Management and China’s New Cyber Security Law

China’s new Cyber Security Law, which went into effect on June 1, 2017, will impact the way multinational organizations do business in China. As national laws with global impact (like China’s) evolve, risk evolves. You probably know that a cyber risk management “best practice” includes regularly updating your Risk Assessment. If it’s been a while and… Read more »

CLE Course: Cyber Security 101 – DOD Contractor Compliance: Legal, Technical, and Accounting Perspectives

Cybersecurity firm Sera-Brynn featured in CLE to explain U.S. Department of Defense cyber regulations in light of December 31, 2017 deadline. SUFFOLK, VA – July 20, 2017. Experts from cybersecurity firm Sera-Brynn and Pepper Hamilton LLP, a multi-practice, nationwide law firm, teamed up to create a continuing legal education (CLE) for attorneys interested in emerging… Read more »

Virginia Economic Development Partnership Appoints Heather Engel of Sera-Brynn to Board of Directors

SUFFOLK, VA – Heather Engel, Chief Strategy Officer and Partner of Sera-Brynn, has been appointed to the Virginia Economic Development Partnership Board of Directors. Cybersecurity is one of the Governor’s top priorities and a key component of the new Virginia Economy. Ms. Engel has an extensive background in cybersecurity and risk management, and has been… Read more »

Thoughts on How the U.S. Government Calculates Cost of Compliance with Cybersecurity Regulations

How the U.S. Government calculates the cost of complying with the cybersecurity provisions of acquisition regulations. In 2017 the Department of Homeland Security proposed to amend the Homeland Security Acquisition Regulation (HSAR) to address requirements for the safeguarding of Controlled Unclassified Information (CUI). 82 FR 6429 (Jan. 19, 2017). Although this rule is not final,… Read more »

Will 2018 Be A DoD Contractor Washout? A DFARS 7012 Analysis

Sera-Brynn anticipates a defense industry “washout” as Department of Defense contractors and subcontractors scramble to meet DFARS 7012 cybersecurity regulations. U.S. defense contractors, particularly subcontractors, are at risk of failing to meet mandatory cybersecurity standards required to do business with the U.S. Department of Defense. The Defense Federal Regulation Supplement (also known as “DFARS”) requires… Read more »

Complementary Webinars for Supply Chain Cybersecurity

Press Release: Sera-Brynn offers complementary webinars to U.S. Defense Contractors to deliver straight and stark cybersecurity message to vendors in their supply chain. SUFFOLK, VA – April 26, 2017 – Sera-Brynn, LLC, a top-ranked cybersecurity firm, stated today there is an increased demand in the U.S. Department of Defense (DoD) Industry for help with managing… Read more »