The never-ending rise of cyberattacks on government agencies and critical infrastructure providers underlines the urgent need for both government and the private sector to accelerate toward more agile and resilient cybersecurity models. Government and industry cybersecurity experts will point the way forward to more resilient security postures when they gather on Thursday, May 19 from […]
One of Federal agencies’ primary challenges is ensuring that they are properly managing and securing sensitive data, particularly controlled unclassified information (CUI). Even though CUI is unclassified, it requires special handling and safeguarding. The Defense Counterintelligence and Security Agency notes that loss of aggregated CUI is one of the most significant risks to national security. […]
As the one-year anniversary of the Biden administration’s cybersecurity executive order (EO) nears, join Federal government and industry experts on May 19 for MeriTalk’s in-person Cyber Central conference to explore how agencies are building a more resilient government cybersecurity posture. […]
The Consolidated Appropriations Act of 2022 (H.R. 2471), introduced by Rep. Rosa DeLauro, D-Conn., would fund the Federal government through the end of fiscal year (FY) 2022 and includes language on cyber incident reporting for critical infrastructure (CI) requirements. […]
Two senior House leaders on Federal technology issues said today they are looking for decisive action soon on legislation to update the Federal Information Security Management Act (FISMA), and codify and improve the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP). […]
The Senate on March 1 approved by unanimous consent the Strengthening American Cybersecurity Act of 2022. The bill is a sweeping legislative package introduced last month that aims to update the Federal Information Security Management Act (FISMA), codify the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP), and require timely cyber incident reporting by critical infrastructure providers. […]
Jennifer Franks, director of information technology and cybersecurity at the Government Accountability Office (GAO), is calling on the Office of Management and Budget (OMB) to develop a standardized definition of what the Federal Risk and Authorization Management Program (FedRAMP) costs and how government agencies should evaluate costs when moving their services into the cloud. […]
stackArmor announced today that the company is working with Red Hat to accelerate the FedRAMP Authority to Operate (ATO) project for Red Hat OpenShift Service on AWS (ROSA). […]
The Senate Homeland Security and Governmental Affairs Committee voted today to advance the Federal Secure Cloud Improvement and Jobs Act of 2021, sending the bill to the full Senate for consideration. […]
The Senate Homeland Security and Governmental Affairs Committee held a roundtable discussion on Nov. 30 with Federal officials and industry experts about proposed reforms to the General Service Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP). […]
Sen. Gary Peters, D-Mich., chairman of the Senate Homeland Security and Governmental Affairs Committee, introduced legislation this week to make permanent the General Service Administration’s Federal Risk and Authorization Management Program (FedRAMP), and ensure that Federal agencies can quickly and securely adopt cloud technologies. […]
StateRAMP, the nonprofit formed earlier this year by leaders from state and local governments and the private sector to help state and local governments manage their third party supplier cybersecurity risks, has released the initial roster of its Authorized Vendor List (AVL). […]
Federal IT modernization may see a significant increase in funding, $3.35 billion to be exact, if an amendment from Rep. Gerry Connolly, D-Va., is successful. […]
The Federal Risk and Authorization Management Program (FedRAMP) authorization journey can sometimes be a confusing one to navigate, but experts agree that the National Institute of Standards and Technology’s (NIST) Open Security Controls Assessment Language (OSCAL) formats are helping to speed the FedRAMP approval process. […]
FedRAMP released its annual survey for FY2021 today. […]
A new tool from MeriTalk and stackArmor is providing insight into the Federal Risk and Authorization Management Program (FedRAMP), and helping cloud service providers (CSPs) make data-driven decisions while pursuing their authorization journey. […]
The FedRAMP Authorization Act sponsored by Rep. Gerry Connolly, D-Va., has been nearly four years in the making without crossing the goal line. But after the House approved the bill earlier this year, Rep. Connolly said today that the House is “working in lockstep” with Senate colleagues to hopefully pass the bill in 2021. […]
As COVID-19 created unprecedented demand for remote work, one Federal agency was especially well equipped to transition to full telework in March 2020. The civilian agency had invested in robust collaboration tools and IT infrastructure, including network bandwidth upgrades in January 2020, which eased the transition and kept workers productive. […]
Cloud security provider Zscaler said this week that its Zscaler Internet Access (ZIA) service has been selected to be “prioritized” for Joint Authorization Board (JAB) FedRAMP certification at the High Impact Level through the General Services Administration’s FedRAMP Connect program. […]
The Federal Risk and Authorization Management Program (FedRAMP) is looking to make the move from manual processes to automated ones, focusing on two strategic initiatives that will make cloud security even easier for agencies. […]
After being excluded from the final version of the National Defense Authorization Act (NDAA), the 117th Congress made the Federal Risk Assessment and Management Program (FedRAMP) Authorization Act one of the first bills passed in the House, passing by voice vote today. […]
Following the 11th hour exclusion of his bill to codify the Federal Risk Assessment and Management Program (FedRAMP) into law from must-pass defense legislation, Rep. Gerry Connolly, D-Va., said he’s interested in giving the measure another push after the 117th Congress begins in January 2021. […]
Rory Kinney, Services Executive at the Defense Information Systems Agency’s (DISA) Operations Center, praised the operational balance that milCloud 2.0 services can bring to Department of Defense (DoD) organizations looking to move to cloud services, and forecasted that milCloud 2.0 is in line for a FedRAMP certification upgrade early next year. […]
The General Services Administration’s (GSA) FedRAMP Program has made significant strides over fiscal year 2020 and its priorities remain consistent as we look toward FY2021. […]
Cloud security provider Zscaler said it is making progress in efforts to obtain “High Impact” level classification under the Federal Risk and Authorization Management Program (FedRAMP) for its Zscaler Internet Access (ZIA) service – a secure internet and web gateway solution that was the first product of its kind to receive to earn FedRAMP certification earlier this year. […]
The House voted late on July 20 to include in the Fiscal Year 2021 National Defense Authorization Act (NDAA) legislation that would codify into law the FedRAMP program – giving the program a statutory foundation and formal standing for congressional review. […]
The General Services Administration (GSA) attributes the FedRAMP program’s success to building a culture that prioritizes continuous improvement, and aims to continue program growth through its recently launched FedRAMP Agency Liaison Program. […]
A collection of trade groups representing the nation’s biggest tech firms is urging Senate leadership to match or exceed the $1 billion in funding for the Technology Modernization Fund (TMF) approved by the House last month as part of the HEROES Act pandemic-relief legislation. […]
FedRAMP announced that it has kicked off a new initiative – the Agency Liaison Program – that the FedRAMP Project Management Office (PMO) said is “designed to transform the way FedRAMP informs and collaborates with Federal agencies,” and “help agencies and industry be more efficient in their cloud adoption efforts.” […]
The National Institute of Standards and Technology (NIST) released Open Security Controls Assessment Language (OSCAL) 1.0.0 Milestone 3, a key step toward finalizing the full initial release of OSCAL v1. […]