It's Bingo Time: Defense Industry Cybersecurity Deadline Looms Near

U.S. defense industry scrambles to meet cybersecurity regulations. Sera-Brynn anticipates defense contract competition "washout"

U.S. Navy F-18

In military aviation, “bingo” is the point at which an aircraft faces a fuel emergency and needs to divert or return to base. For area Defense contractors impacted by the December 31, 2017 DoD cybersecurity deadline (DFARS 7012): You are approaching Bingo.

Today, Sera-Brynn, a U.S. cybersecurity auditing and advisory firm, reported that U.S. defense contractors, particularly subcontractors, are at risk of failing to meet mandatory cybersecurity standards required to do business with the U.S. Department of Defense.

A washout of defense contractors is inevitable, either due to primes ceasing business relations with non-compliant subs or when unsecure companies are severely breached.

Patrick McLaughlin, Director of Business Development

The Defense Federal Regulation Supplement (also known as “DFARS”) requires DoD contracts to be fully-compliant with NIST SP 800-171, a security framework issued by the U.S. Department of Commerce, if they handle covered defense information.

Patrick McLaughlin, Sera-Brynn's Director of Business Development, states that he is “astonished by how many defense contractors are unaware or even dismissive of the DFARS 7012 cybersecurity mandate.”

"Mature, sophisticated and forward-looking companies get it,” McLaughlin states. “They understand many of their competitors will be unable to meet the strict controls of DFARS or simply choose to ignore the requirement. A washout of defense contractors is inevitable, either due to primes ceasing business relations with non-compliant subs or when unsecure companies are severely breached."

Based on work auditing DoD contractors from 2015 to date, Sera-Brynn reports that the typical DoD contractor is currently approximately 60% compliant with DFARS cybersecurity requirements. Sera-Brynn further advises that it takes about 6 to 9 months for an organization to evaluate and invest in policies and technologies to bring themselves into compliance with the law. The deadline is in 8 months: December 31, 2017.

Sera-Brynn reports that this deadline is daunting for many small to mid-sized companies. The approaching DFARS deadline means that many companies have only months left to take a deep look at their IT environment, including the way they handle, transmit, and store data.  By the end of this year, these impacted companies must have plans and policies in place that will likely change the way they do business.

Sera-Brynn’s message to the Defense Industry: You are now approaching Bingo.

For more information on DFARS, visit

For more information on Sera-Brynn, visit:

About Sera-Brynn

Sera-Brynn is a leading cybersecurity audit and advisory firm. The Virginia-based company offers threat management, compliance and risk assessment, risk control, and incident response services that enable clients to secure their computing environments and meet applicable and mandatory cybersecurity regulatory standards. This technical expertise is the backbone of their DFARS compliance services. 

Founded in 2011 by former members of the U.S. intelligence community, Sera-Brynn is ranked #10 worldwide on the Cybersecurity 500 list.

Media Contact

Colleen Johnson
​Sera-Brynn, LLC / Cyber Risk Management
5806 Harbor View Blvd., Suite 204
​Suffolk, Virginia 23435

Source: Sera-Brynn

Related Media