Using Red Team Assessments to Test Security Maturity

Red teaming is an under-appreciated term in modern businesses. Red teaming is an opportunity for leadership to understand how an entire system works together to protect information critical to a company’s existence, their “crown jewels.” Red teaming in the age of the Internet has had companies focusing exclusively on CYBER Red Teams. However, such an…

But Seriously, What is a 3PAO?

3PAO means “third party assessment organization” under the FedRAMP program. FedRAMP is the U.S. government’s first program for the protection of federal information in the cloud. A 3PAO audits the cloud service provider because, in short, self-assessments are not permitted. Stated another way: a 3PAO is an independent entity that performs initial and periodic security…

Privacy Framework: NIST is in the House.

This month, NIST kicked off a series of public meetings to highlight its efforts to create a voluntary Privacy Framework. Much in the same way it developed the Cybersecurity Framework, NIST is trying to achieve a technology-privacy balance within the guidance by crowdsourcing its way there. By bringing in views from federal agencies, small businesses,…

FedRAMP: A Heavyweight Security Framework for Cloud Service Providers

You need FedRAMP if you want to prove your cloud service is secure enough for U.S. government data. Read the full September 6, 2018 article published on here. In its latest Compliance Report for Cybersecurity Ventures, Sera-Brynn shared how FedRAMP came into being, who should care, and why being FedRAMP-authorized is important for companies. “The…

A Cybersecurity Checklist for GDPR

Where Does Cybersecurity Fit into GDPR? By Heather Engel, Sera-Brynn Chief Strategy Officer By now most everyone has heard of GDPR, or at the very least been bombarded by pop-up messages asking you to accept cookies and confirm access to your data as you surf the web. But if you are responsible for the security…

Cybersecurity Risk to High-Net-Worth Families a Featured Topic at Virginia Beach Event

SUFFOLK, VA – On May 24, 2017, Sera-Brynn, LLC, a leading cybersecurity audit and advisory firm, will present at an event hosted by Signature Family Wealth Advisors, a Virginia-based family wealth advisory firm, to discuss the unique cybersecurity needs of high-net-worth families. “The focus on cybersecurity by wealth management firms is on the rise,” reports…

Quantum Computing, Artificial Intelligence, and Cybersecurity

By John Kipp, Sera-Brynn COO As advancements in Quantum Computing and Artificial Intelligence are always popular media topics, I thought it’d be interesting to take a look at how the two are converging and what such a convergence might mean for cybersecurity. First things first though. Below is a quick and very basic primer on…

IT Support Companies Are Not Cybersecurity Companies

Use the right tool for the job. Remember that old saying? Whether you’re talking about fixing a sink or dealing with a data breach, the saying holds true and here’s why. Several months ago a large business realized it had been hacked. They recently contacted Sera-Brynn, but only after it called upon its third-party IT…

Cyber Risk Management for Small Businesses

Carrying the message of cyber risk management for small businesses at the National Governors Association cybersecurity roundtable Our CEO, Rob Hegedus, and EVP, Heather Engel, were recently invited to Washington D.C. for a cybersecurity National Governors Association roundtable discussion with Virginia Gov. Terry McAuliffe, where we made the case for cyber risk management for small…