Privacy Framework: NIST is in the House.

This month, NIST kicked off a series of public meetings to highlight its efforts to create a voluntary Privacy Framework. Much in the same way it developed the Cybersecurity Framework, NIST is trying to achieve a technology-privacy balance within the guidance by crowdsourcing its way there. By bringing in views from federal agencies, small businesses,…

A Cybersecurity Checklist for GDPR

Where Does Cybersecurity Fit into GDPR?
By Heather Engel, Sera-Brynn Chief Strategy Officer
By now most everyone has heard of GDPR, or at the very least been bombarded by pop-up messages asking you to accept cookies and confirm access to your data as you surf the web. But if you are responsible for the security…

Digital Privacy and Apple Pie

By Colleen Johnson, Senior Cyber Legal Analyst, Sera-Brynn
Thoughts on the American perspective on privacy, its revolutionary origins, and that Gosh Darn Privacy Regulation, GDPR. Supreme Court Justice Louis Brandeis is often credited with articulating the American perspective on the right to privacy. It was 1890. He called it “the right to be let alone.”…

What Cybersecurity is Really About in 2018

By Rob Hegedus, CEO, Sera-Brynn
It’s not about the technology, it’s about insurability. With the implementation of GDPR, the inevitable FAR-wide adoption of NIST 800-171 standards (already mandatory for Department of Defense contractors), and the latest news on cybersecurity legislation from New York and South Carolina, the global business community as a whole is slowly but…

GDPR: How EU Enforcement Works and Doesn’t Work

For non-EU-based companies, preparing for the new EU privacy law GDPR – the General Data Protection Regulation – can be stressful the first time around, and the threat of fines up to 4% of annual sales isn’t making it any better. The fact that you don’t fully know what kind of information your company and…

Dear Sara

Dear Sara, I am an IT Director at a small company here in Pennsylvania. I was browsing Twitter™ a couple of days ago and saw several references to GDPR, the General Data Protection Regulation. Apparently, it is some onerous requirement about European resident privacy. I mentioned it to our CEO, but she told me…

U.S. Business Should Brace Itself for European Union Cybersecurity Rules

In the world of cybersecurity compliance, GDPR is the asteroid hurtling towards Earth. U.S. cybersecurity firm Sera-Brynn prepares to help industry avoid billions and billions in fines. SUFFOLK, VA – April 6, 2017 – Sera-Brynn, LLC, a top-ranked cybersecurity firm, announced the official launch of its latest offering: GDPR Compliance and Assessment Services. GDPR, shorthand…

GDPR Privacy by Design and by Default

“The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.” – Privacy and greater control of data on EU citizens,…

GDPR Data Protection Officer – Do I Need One?

The short answer is a designated Data Protection Officer (DPO) is not mandatory for all organizations. Which of course begs the question “What organizations do require one?” A DPO is mandatory wherever the data processing is carried out by a public authority or a company (controller or processor) whose core activities consist of processing operations…