Pete Waterman, the director of the Federal Risk and Authorization Management Program (FedRAMP), previewed on Thursday a new initiative he called the “FedRAMP Cybersecurity Service” as part of the federal cloud security program’s broader plans for 2026.
Speaking at an event hosted by the Digital Government Institute, Waterman framed 2026 as the delivery phase of FedRAMP’s multiyear modernization effort. “2025 laid the foundation, and 2026 is when we deliver,” he said, describing the coming year as “a huge year for FedRAMP.”
“The FedRAMP Cybersecurity Service will recruit security engineers to build FedRAMP into a world-class security program,” Waterman said during the Jan. 22 event.
“We’ll continue to expand the community, work closer with agencies, and keep providing a minimum level of automated, continuous monitoring for cloud services that are directly certified or validated by FedRAMP,” he added.
Waterman offered few details on the FedRAMP Cybersecurity Service and declined to elaborate further when asked for more information. “Did I mention that? Spoilers! Shh,” he replied, “You’ll have to stand by.”
The tease came amid a broader outline of FedRAMP’s plans for 2026 and beyond, which he said include a wide release of FedRAMP 20x, expanded agency adoption, earlier marketplace access for cloud services, and a push for a “more balanced approach” to the FedRAMP Rev5 Agency Authorization process.
Waterman emphasized that while change to FedRAMP will continue, it will be “smaller, more predictable” and shaped by stakeholder feedback. He described the current moment as the culmination of years of rebuilding the program’s authorities and responsibilities.
Notably, as of September, FedRAMP’s workforce had dropped to 28 employees, having lost over 50 employees in fiscal year (FY) 2025. At the time, Waterman stated that the target staff for FY 2026 is approximately 43 employees.
It remains unclear whether the security engineers hired as part of the FedRAMP Cybersecurity Service would be included in that target number.
“We’re on track to realizing the most significant necessary changes this year,” Waterman said. “It will be the biggest step taken towards our ultimate goal of ensuring that civil servants at government agencies have access to all the modern tools and capabilities that they need to deliver effectively for the people.”