Making the General Services Administration’s (GSA) FedRAMP (Federal Risk and Authorization Management Program) process more efficient for cloud service providers appears to be on the radar of the Office of the National Cyber Director (ONCD) as the ONCD moves toward the implementation planning phase of the National Cybersecurity Strategy released last month. […]
Good things can come both to those who wait – and never stop trying – in Washington. That’s one of the top-line takeaways after talking with Stephen Kovac, Chief Compliance Officer at cloud security provider Zscaler, following the successful conclusion late last month of a multi-year campaign to codify into law the Federal Risk and Authorization Management Program (FedRAMP). […]
Tech-sector trade group Alliance for Digital Innovation (ADI) is calling on Federal technology leaders to boost funding for the Federal Risk and Authorization Management Program (FedRAMP) through allocations from Federal Citizen Services Fund (FCSF) that is maintained by the General Services Administration (GSA), which also oversees FedRAMP. […]
Illumio, a provider of zero trust segmentation (ZTS) technologies, said today that its Illumio Government Cloud offering has received FedRAMP (Federal Risk and Authorization Management Program) In Process designation at a Moderate Impact Level, under the sponsorship of the Department of Health and Human Services (HHS) Office of Inspector General. […]
Cloud security provider Zscaler said today that its Zscaler Private Access service – a cloud-delivered, zero trust network access (ZTNA) service that provides secure access to all private applications, without the need for a remote access VPN – has achieved FedRAMP Moderate Authorization from the General Services Administration’s Federal Risk and Authorization Management Program. […]
Brian Conrad, acting director of the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP), pointed to the program’s service re-use progress over the past year at an Oct. 20 ATARC event, including a 60 percent jump in re-use by Federal agencies of approved cloud services over the past year. […]
The House last week voted to approve an updated version of legislation that would codify into law and update the Federal Risk and Authorization Management Program (FedRAMP). […]
Both vendors and Federal officials said today they want more visibility into the Federal Risk and Authorization Management Program (FedRAMP) process, which certifies the security of cloud technologies for Federal government use and is operated by the General Services Administration (GSA). […]
Brian Conrad, acting director of the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP), explained at an FCW event today how ongoing improvement efforts are charting a path for the program over the next five to ten years. […]
Cloud security provider Zscaler said this week that its Zscaler Internet Access (ZIA) service received Federal Risk and Authorization Management Program (FedRAMP) High Authority to Operate (ATO) from the FedRAMP Joint Authorization Board (JAB). […]
The Alliance for Digital Innovation (ADI) is pressing congressional appropriators to provide more money in Fiscal Year 2023 budget legislation for primary sources of Federal agency IT modernization funding, including the Technology Modernization Fund (TMF), along with the General Services Administration’s (GSA) Federal Citizen Services Fund (FCSF). […]
As Acting Director of FedRAMP Brian Conrad looks ahead to the program’s fiscal year (FY) 2022 goals, he said gathering feedback from stakeholders will play a “critical” role in improving the program going forward. […]
As the General Service Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP) program looks to transition to Revision 5 (Rev. 5) baselines – in accordance with the National Institute of Standards and Technology’s (NIST) Rev. 5 security and privacy controls – Acting Director of FedRAMP Brian Conrad said the agency has been able to decrease the number of controls for improved usability. […]
House Government Operations Subcommittee Chairman Gerry Connolly, D-Va., said today he is looking for final congressional approval in the near term for legislation he has championed for the past several years that would codify into Federal law the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP). The program certifies the security of cloud technologies for Federal government use. […]
The never-ending rise of cyberattacks on government agencies and critical infrastructure providers underlines the urgent need for both government and the private sector to accelerate toward more agile and resilient cybersecurity models. Government and industry cybersecurity experts will point the way forward to more resilient security postures when they gather on Thursday, May 19 from […]
One of Federal agencies’ primary challenges is ensuring that they are properly managing and securing sensitive data, particularly controlled unclassified information (CUI). Even though CUI is unclassified, it requires special handling and safeguarding. The Defense Counterintelligence and Security Agency notes that loss of aggregated CUI is one of the most significant risks to national security. […]
As the one-year anniversary of the Biden administration’s cybersecurity executive order (EO) nears, join Federal government and industry experts on May 19 for MeriTalk’s in-person Cyber Central conference to explore how agencies are building a more resilient government cybersecurity posture. […]
The Consolidated Appropriations Act of 2022 (H.R. 2471), introduced by Rep. Rosa DeLauro, D-Conn., would fund the Federal government through the end of fiscal year (FY) 2022 and includes language on cyber incident reporting for critical infrastructure (CI) requirements. […]
Two senior House leaders on Federal technology issues said today they are looking for decisive action soon on legislation to update the Federal Information Security Management Act (FISMA), and codify and improve the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP). […]
The Senate on March 1 approved by unanimous consent the Strengthening American Cybersecurity Act of 2022. The bill is a sweeping legislative package introduced last month that aims to update the Federal Information Security Management Act (FISMA), codify the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP), and require timely cyber incident reporting by critical infrastructure providers. […]
Jennifer Franks, director of information technology and cybersecurity at the Government Accountability Office (GAO), is calling on the Office of Management and Budget (OMB) to develop a standardized definition of what the Federal Risk and Authorization Management Program (FedRAMP) costs and how government agencies should evaluate costs when moving their services into the cloud. […]
stackArmor announced today that the company is working with Red Hat to accelerate the FedRAMP Authority to Operate (ATO) project for Red Hat OpenShift Service on AWS (ROSA). […]
The Senate Homeland Security and Governmental Affairs Committee voted today to advance the Federal Secure Cloud Improvement and Jobs Act of 2021, sending the bill to the full Senate for consideration. […]
The Senate Homeland Security and Governmental Affairs Committee held a roundtable discussion on Nov. 30 with Federal officials and industry experts about proposed reforms to the General Service Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP). […]
Sen. Gary Peters, D-Mich., chairman of the Senate Homeland Security and Governmental Affairs Committee, introduced legislation this week to make permanent the General Service Administration’s Federal Risk and Authorization Management Program (FedRAMP), and ensure that Federal agencies can quickly and securely adopt cloud technologies. […]
StateRAMP, the nonprofit formed earlier this year by leaders from state and local governments and the private sector to help state and local governments manage their third party supplier cybersecurity risks, has released the initial roster of its Authorized Vendor List (AVL). […]
Federal IT modernization may see a significant increase in funding, $3.35 billion to be exact, if an amendment from Rep. Gerry Connolly, D-Va., is successful. […]
The Federal Risk and Authorization Management Program (FedRAMP) authorization journey can sometimes be a confusing one to navigate, but experts agree that the National Institute of Standards and Technology’s (NIST) Open Security Controls Assessment Language (OSCAL) formats are helping to speed the FedRAMP approval process. […]
FedRAMP released its annual survey for FY2021 today. […]
A new tool from MeriTalk and stackArmor is providing insight into the Federal Risk and Authorization Management Program (FedRAMP), and helping cloud service providers (CSPs) make data-driven decisions while pursuing their authorization journey. […]