government

NDIA Cybersecurity Workshop in Tampa, Fla. Event (11/13/2019) to Feature Sera-Brynn’s Samuel Morthland

Sera-Brynn Executive Vice President for Federal Services, Samuel Morthland, has been invited to share current insights as auditors concerning “The State of Cybersecurity Compliance” during the NDIA Cybersecurity Workshop on Wednesday, November 13, 2019 in Tampa, Florida. The Cybersecurity Workshop will feature experts from industry, government, and military on cybersecurity, cyber defense, and U.S. national… Read more »

What You Need to Know About 800-171 Revisions

The long awaited NIST 800-171 Revision 2 and 800-171B drafts were released for comment today. There have been no major changes to the controls in Revision 2. This is good news for many in the DIB who have been diligently working to implement and maintain the security requirements. Of more interest is 171B enhanced security… Read more »

Join Sera-Brynn on June 21 in DC @ the CUI Industry Day

Sera-Brynn is excited to be part of the National Archives and Records Administration (NARA)’s 2nd Industry Day on the Controlled Unclassified Information (CUI) program. The one-day event (free and open to the public) is a good spot to connect face-to-face with some of the Sera-Brynn team, and check out the services that have been developed… Read more »

Cybersecurity Training Is Not Optional…Unless You Are in the House

Congressional Cybersecurity Training Resolution will mandate training for elected officials. Cybersecurity risk management is about understanding why you are a target, how you will be attacked, and the fallout if an attack is successful. Election security is a big deal. Right now, Florida is trying to get a handle on exactly who might have  been… Read more »

Live Webinar: Impacts of New NIST 800-171 (Revision 2) on Government Contractors

Heather Engel, Chief Strategy Officer of Sera-Brynn, will join Scott Edwards, Summit 7 Systems President, to discuss the highly-anticipated revision to NIST SP 800-171. NIST 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, was first published in December 2016 (and updated in June 2018).  Under Defense Federal Acquisition Regulation Supplement (DFARS), all U.S…. Read more »

Oversight is Coming – Part 2: DCMA to Assess Supply Chain Compliance with DFARS

Last week, we covered the DoD memo assigning DCMA audit responsibilities for marking CUI. The same memo indicates that DCMA will also be evaluating a contractor’s procedures for assessing supply chain compliance with DFARS 252.204-7012. Today we are taking a deeper dive into what that means and what a supply chain assessment looks like. As… Read more »

Oversight is Coming: How to Prepare for a DCMA Supply Chain Audit

This article is the first in a two-part series. On January 21, 2019 the DoD released a memo requiring DCMA to validate contractor procedures for supply chain management. If you are a prime or sub on Department of Defense contracts, then your contracts are already subject to DCMA administrative oversight. This new memo adds to… Read more »

Kicking the Tires on FedRAMP

Straight talk about whether FedRAMP accreditation is right for you. In the world of FedRAMP, you are either a cloud service provider (CSP) or a user of cloud services. Many of our CSP clients are asked about FedRAMP accreditation. In some cases, a government user has told them they should be FedRAMP accredited. This is… Read more »

Is “FedRAMP Ready” Status in your PaaS, IaaS, or SaaS’ Future?

“FedRAMP Ready” is an official designation from the Federal Risk and Authorization Management Program, or FedRAMP. The status of “FedRAMP Ready” is awarded to cloud service providers who undergo an independent security assessment to show they are ready to move ahead with the full FedRAMP authorization process.  Achieving FedRAMP Ready status is typically a singular… Read more »