CUI

Oversight is Coming: How to Prepare for a DCMA Supply Chain Audit

This article is the first in a two-part series. On January 21, 2019 the DoD released a memo requiring DCMA to validate contractor procedures for supply chain management. If you are a prime or sub on Department of Defense contracts, then your contracts are already subject to DCMA administrative oversight. This new memo adds to… Read more »

The 2019 DFARS Glossary: Cybersecurity Acronyms for Government Contractors

It’s 2019 and our updated DFARS glossary is here. With our expanded DFARS glossary, Sera-Brynn defines key terms for cybersecurity compliance in the government space. There are many key terms you need to know – especially if you’re part of the DIB (see below), working through the DFARS cyber regulation, using cloud services, or responsible… Read more »

Visit Sera-Brynn’s Booth at NARA’s CUI Industry Day!

Sera-Brynn offers professional services and tools to help identify and map the flow of Controlled Unclassified Information (CUI) throughout a government contractor’s information systems. The presence of CUI is of significant consequence to government contractors and their cybersecurity programs. On December 10, 2018, the National Archives and Records Administration (NARA) is hosting an event on… Read more »

ICYMI: Webinar – Cybersecurity Compliance for Higher Education: 2018 and Beyond, presented by Williams Mullen & Sera-Brynn (03.06.2018)

In case you missed it, watch our latest webinar for higher education here. The complexity of operations, research and compliance mandates in higher education presents unique challenges in securing information systems. Cybersecurity compliance affects everything from the handling of student data to the use of cloud services and supply chain management. You will learn:  … Read more »

Thoughts on How the U.S. Government Calculates Cost of Compliance with Cybersecurity Regulations

How the U.S. Government calculates the cost of complying with the cybersecurity provisions of acquisition regulations. In 2017 the Department of Homeland Security proposed to amend the Homeland Security Acquisition Regulation (HSAR) to address requirements for the safeguarding of Controlled Unclassified Information (CUI). 82 FR 6429 (Jan. 19, 2017). Although this rule is not final,… Read more »

DFARS Regulations: Updates all DoD Contractors and Subs Should Know About

By Colleen Johnson | Sera-Brynn Business Development – Regulatory Specialist Defense Federal Acquisition Supplement: DFARS 252.204-7012, as revised on Dec. 30, 2015, is the cybersecurity rule issued by the Department of Defense (DoD) titled, “Safeguarding Covered Defense Information and Cyber Incident Reporting.” The DFARS clause requires all DoD contractors and subcontractors, regardless of size, to… Read more »

New CUI Rules as Described in NIST 800-171 and DFARS 252.204-7012

We are often asked by our clients how they know what information is considered Controlled Unclassified Information (CUI) or Classified Defense Information (CDI) as described in NIST 800-171 and Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204.7012. Understanding how information is stored, processed or transmitted within your company is essential because NIST 800-171 control 3.8.4… Read more »