Press Release: “Reality Check 2020” – New Report on Defense Industry Implementation of NIST SP 800-171 – Sera-Brynn

“Reality Check 2020” – New Report on Defense Industry Implementation of NIST SP 800-171

Cyber risk across the Defense Industrial Base is increasing – and so are cyber rules and regulations from the Department of Defense. This report provides a current snapshot of the DIB’s state of compliance with NIST SP 800-171, including trends we’ve noticed in the past year and specific trouble areas.

Read this complimentary report.

FOR IMMEDIATE RELEASE:  November 23, 2020, CHESAPEAKE, VA. Today, the certified cybersecurity assessment team from Sera-Brynn published “Reality Check 2020: Defense Industry’s Implementation of NIST SP 800-171.”  The new report provides a current snapshot of the defense industry’s state of compliance with the NIST SP 800-171 cybersecurity framework, including trends and specific trouble areas.

This is Sera-Brynn’s second annual report. Again, they provide both a broad overview of defense industrial base (DIB) compliance, as well as specific areas of consistent non-compliance.  Insights into why contractors struggle with specific controls permeate the report.

Key finding from the report include:

  • Overall implementation of the NIST SP 800-171 security controls increased 14% from the previous year.
  • The top 16 controls not implemented changed from the previous year – but there are 9 controls that were consistently not implemented in both 2019 and 2020.
  • The larger organizations in the study were more compliant than they were in the previous year; the smaller organizations were still struggling to implement the requirements.
  • The lack of multifactor authentication, user training, and vulnerability remediation continue to be primary reasons why cyberattacks are successful.

The report authors state, “We conclude that most defense contractors continue to struggle with the full implementation of NIST SP 800-171. We believe that this struggle will continue as the DIB begins to implement the CMMC requirements. Despite the challenges, however, we are encouraged by the findings as they show that change is possible. We have seen that positive change is accelerated when there is more understanding, more resources allotted, and more effort put into addressing the cybersecurity requirements.”

The 2020 Reality Check report can be read here[1].

The 2019 Reality Check report can be read here[2].

About Sera-Brynn

Sera-Brynn[3], a global leader in providing cybersecurity compliance audit and advisory services, now offers CHECKLIGHT™ to protect businesses and individuals against cyber threats. Founded in 2011 by former members of the U.S. intelligence community, Sera-Brynn partners with some of the world’s most respected and recognized brands to help them secure their infrastructure meet cybersecurity regulatory requirements.

For more information, contact us at 1-757-243-1257 or at

1 2