Supply Chain

Pentagon to Unveil New Cybersecurity Maturity Model Certification (CMMC) for Defense Contractors

The Department of Defense announced that it is developing a new cybersecurity standard and certification for defense contractors. It is named the “Cybersecurity Maturity Model Certification” (CMMC). Notably, the intent of the CMMC is to improve cybersecurity deficiencies in the defense industrial base and secure the supply chain. The CMMC is expected to be based… Read more »

Cybersecurity Training Is Not Optional…Unless You Are in the House

Congressional Cybersecurity Training Resolution will mandate training for elected officials. Cybersecurity risk management is about understanding why you are a target, how you will be attacked, and the fallout if an attack is successful. Election security is a big deal. Right now, Florida is trying to get a handle on exactly who might have  been… Read more »

Oversight is Coming – Part 2: DCMA to Assess Supply Chain Compliance with DFARS

Last week, we covered the DoD memo assigning DCMA audit responsibilities for marking CUI. The same memo indicates that DCMA will also be evaluating a contractor’s procedures for assessing supply chain compliance with DFARS 252.204-7012. Today we are taking a deeper dive into what that means and what a supply chain assessment looks like. As… Read more »

Oversight is Coming: How to Prepare for a DCMA Supply Chain Audit

This article is the first in a two-part series. On January 21, 2019 the DoD released a memo requiring DCMA to validate contractor procedures for supply chain management. If you are a prime or sub on Department of Defense contracts, then your contracts are already subject to DCMA administrative oversight. This new memo adds to… Read more »

Final Compliance Date for NY DFS Cybersecurity Regulation is March 1, 2019

A significant deadline is now approaching under the New York State Department of Financial Services (“DFS”) cybersecurity regulation, 23 NYCRR 500.   On March 1, 2019, the two-year transitional period under the NY DFS regulation expires and all remaining requirements become effective. The final requirement concerns supply chain cybersecurity. Background The NY DFS cybersecurity framework requires… Read more »

What Cybersecurity is Really About in 2018

By Rob Hegedus, CEO, Sera-Brynn It’s not about the technology, it’s about insurability. With the implementation of GDPR, the inevitable FAR-wide adoption of NIST 800-171 standards (already mandatory for Department of Defense contractors), and the latest news on cybersecurity legislation from New York and South Carolina, the global business community as a whole is slowly but… Read more »

Chief Strategist Speaks on Critical Compliance Issues at NYS Cyber Security Conference

On June 5, 2018 at 3:20 PM in Albany, NY, Sera-Brynn’s CSO will discuss critical cybersecurity compliance issues in the federal and defense contracting space — from strategic risk management to supply chain impacts.   Heather Engel, Chief Strategy Officer at Sera-Brynn, will present “Strategic Planning for Cyber Risk: Protecting Data and Meeting Regulatory Requirements… Read more »

Our Nation of Builders Needs to Rethink Cybersecurity Risks in Their Supply Chain, Says Sera Brynn

February 27, 2018 Suffolk, VA – The emerging technologic advances in the American manufacturing renaissance should cause companies to stop and reconsider cybersecurity risks, says Sera-Brynn, a leading global cybersecurity compliance and risk management firm. Sera-Brynn’s report is featured in Cybersecurity Ventures, one of the leading global publications on cybersecurity. “Policy makers and industry leaders… Read more »

A New Model for Supply Chain Cybersecurity: Less Reporting, More Hands-On Help for the Most Vulnerable Links in the Chain

New advisory service from Sera-Brynn helps businesses with supply chain cybersecurity. Suffolk, VA – December 5, 2017. U.S. and international regulations demand businesses address cybersecurity throughout their supply chain. Sera-Brynn, LLC, a FedRAMP-authorized assessor and cyber risk management firm, has expanded services for clients to efficiently and effectively manage cyber risk in their supply chains…. Read more »