After a few failed attempts, cyber incident reporting legislation made it over the finish line as part of the fiscal year (FY) 2022 appropriations bill – a victory hailed by Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly and lawmakers as a necessary step for more visibility to protect critical infrastructure. […]

The Senate on March 1 approved by unanimous consent the Strengthening American Cybersecurity Act of 2022. The bill is a sweeping legislative package introduced last month that aims to update the Federal Information Security Management Act (FISMA), codify the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP), and require timely cyber incident reporting by critical infrastructure providers. […]

Leadership of the Senate Homeland Security and Governmental Affairs Committee has introduced a package bill in the Senate that would update both the Federal Information Security Management Act (FISMA), which sets cybersecurity requirements for Federal agencies, and codify the Federal Risk and Authorization Management Program (FedRAMP) that certifies cloud services as secure to use for Federal government agencies. […]

FedRAMP

Jennifer Franks, director of information technology and cybersecurity at the Government Accountability Office (GAO), is calling on the Office of Management and Budget (OMB) to develop a standardized definition of what the Federal Risk and Authorization Management Program (FedRAMP) costs and how government agencies should evaluate costs when moving their services into the cloud. […]

FedRAMP
FedRAMP

The Senate Homeland Security and Governmental Affairs Committee voted today to advance the Federal Secure Cloud Improvement and Jobs Act of 2021, sending the bill to the full Senate for consideration. […]

FedRAMP

The Senate Homeland Security and Governmental Affairs Committee held a roundtable discussion on Nov. 30 with Federal officials and industry experts about proposed reforms to the General Service Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP). […]

cloud

Sen. Gary Peters, D-Mich., chairman of the Senate Homeland Security and Governmental Affairs Committee, introduced legislation this week to make permanent the General Service Administration’s Federal Risk and Authorization Management Program (FedRAMP), and ensure that Federal agencies can quickly and securely adopt cloud technologies. […]

cloud

Following on the successes of the FedRAMP program that certifies cloud services as secure to use for Federal government agencies, the home-grown StateRAMP program is forging ahead with similarly vital services to state and local governments and institutions of higher learning, state, and industry leaders explained on October 5 during MeriTalk’s StateRAMP: Taking the On-Ramp to Secure SLED Cloud Solutions online event. […]

The fiscal year (FY) 2022 National Defense Authorization Act (NDAA) passed the House of Representatives late Sept. 23 with a bipartisan 316-113 vote. Among the amendments are a number of tech provisions focusing heavily on cybersecurity, along with some focusing on the digital workforce, cloud, and AI. […]

StateRAMP, the nonprofit formed earlier this year by leaders from state and local governments and the private sector to help state and local governments manage their third party supplier cybersecurity risks, has released the initial roster of its Authorized Vendor List (AVL). […]

The Office of Management and Budget (OMB) and the Cybersecurity and Infrastructure Security Agency (CISA) both published key draft guidance documents today that provide the next set of road maps for Federal civilian agencies to transition to zero trust security concepts over the next three years and to guide agencies to securely migrate to cloud services. […]

FedRAMP

The Federal Risk and Authorization Management Program (FedRAMP) authorization journey can sometimes be a confusing one to navigate, but experts agree that the National Institute of Standards and Technology’s (NIST) Open Security Controls Assessment Language (OSCAL) formats are helping to speed the FedRAMP approval process. […]

Cloud

Federal agency demand for cloud service products in the General Services Administration’s (GSA) FedRAMP marketplace showed a 60 percent year-over-year jump in the first half of Fiscal Year 2021, as agencies continued their move to cloud services in order to deal with pandemic-driven tech needs and IT modernization priorities. […]

FedRAMP
FedRAMP
Connolly

The FedRAMP Authorization Act sponsored by Rep. Gerry Connolly, D-Va., has been nearly four years in the making without crossing the goal line. But after the House approved the bill earlier this year, Rep. Connolly said today that the House is “working in lockstep” with Senate colleagues to hopefully pass the bill in 2021. […]

FedRAMP

The American Association for Laboratory Accreditation (A2LA) has released an updated version of the R311 policy document, which outlines the requirements for all FedRAMP recognized third-party assessment organizations (3PAOs) and organizations seeking A2LA accreditation to be recognized by FedRAMP. […]

Cloud

While the Federal government certifies cloud vendors as secure through the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP), an official at the Government Accountability Organization (GAO) shared striking statistics about agencies going outside of the program for cloud vendors, which can lead to vulnerabilities. […]

FedRAMP
IRS
cloud

U.S. Customs and Border Protection (CBP) issued a request for information (RFI) regarding the private sector capabilities to support key capabilities of an Incident-Driven Video Recording System (IDVRS) program – body-worn cameras (BWC), video management systems (VMS), IT infrastructure, cloud-based storage systems, and other interrelated systems supporting incident-driven recordings. […]

FedRAMP

The FedRAMP Program Management Office (PMO) announced March 24 that it has recently joined YouTube. The PMO said its channel will serve as “a one-stop source for quick, simple, informative videos on FedRAMP tutorials, and program updates.” […]

FedRAMP

Categories