Cloud security provider Zscaler said it is making progress in efforts to obtain “High Impact” level classification under the Federal Risk and Authorization Management Program (FedRAMP) for its Zscaler Internet Access (ZIA) service – a secure internet and web gateway solution that was the first product of its kind to receive to earn FedRAMP certification earlier this year. […]
Tags
FedRAMP
After two days of floor debate, the House of Representatives on July 21 approved its version of the National Defense Authorization Act for Fiscal Year 2021, by a vote of 295 to 125. […]
The House voted late on July 20 to include in the Fiscal Year 2021 National Defense Authorization Act (NDAA) legislation that would codify into law the FedRAMP program – giving the program a statutory foundation and formal standing for congressional review. […]
The General Services Administration (GSA) attributes the FedRAMP program’s success to building a culture that prioritizes continuous improvement, and aims to continue program growth through its recently launched FedRAMP Agency Liaison Program. […]
A collection of trade groups representing the nation’s biggest tech firms is urging Senate leadership to match or exceed the $1 billion in funding for the Technology Modernization Fund (TMF) approved by the House last month as part of the HEROES Act pandemic-relief legislation. […]
FedRAMP announced that it has kicked off a new initiative – the Agency Liaison Program – that the FedRAMP Project Management Office (PMO) said is “designed to transform the way FedRAMP informs and collaborates with Federal agencies,” and “help agencies and industry be more efficient in their cloud adoption efforts.” […]
The National Institute of Standards and Technology (NIST) released Open Security Controls Assessment Language (OSCAL) 1.0.0 Milestone 3, a key step toward finalizing the full initial release of OSCAL v1. […]
Katie Arrington, Cybersecurity Maturity Model Certification (CMMC) lead and CISO for acquisition at the Department of Defense’s (DoD) Undersecretary of Defense, confirmed that the CMMC and FedRAMP (Federal Risk and Authorization Management Program) offices are working on a way to grant reciprocity between the two certifications. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is advising the Federal workforce to use the “Zoom for Government” platform for teleconferencing instead of the company’s free service. […]
Fresh off notching an A+ grade on the latest FITARA Scorecard, the Department of Education knows it has a handle on good IT, and agency CISO Steven Hernandez said today he credits a measure of that success to an important mindset change on data. […]
A senior General Services Administration (GSA) official said today the agency is supportive of the primary aims of a new report recommending steps to modernize the Federal Risk and Authorization Management Program (FedRAMP), which provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. […]
The Federal Risk and Authorization Management Program (FedRAMP) and the National Institute of Standards and Technology (NIST) released the Open Security Controls Assessment Language (OSCAL) Milestone 2 for public comment. […]
The Federal Risk and Authorization Management Program (FedRAMP) saw a spike in authorizations from 2017 to 2019, but the program is still not used in all cloud acquisitions and agencies have gaps in implementing controls, according to a report from the Government Accountability Office (GAO) released December 12. […]
The General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP) will focus on administering simplicity, automation, marketplace growth, and learning opportunities in Fiscal Year 2020, according to Director Ashley Mahan. […]
The Securities and Exchange Commission (SEC) has taken an ad-hoc approach to cloud adoption instead of following its cloud strategy, and did not fully implement security measures, according to a report from the SEC’s inspector general released November 7. […]
The General Services Administration is taking its FedRAMP Program to cloud service providers, start-ups, and entrepreneurs in San Francisco on Sept. 25 to showcase opportunities to work with the program that speeds the authorization process to provide products and services in the Federal government’s $90 billion per year IT market. […]
A project under development at the National Institute of Standards and Technology (NIST) is aiming to fully automate FedRAMP (Federal Risk and Authorization Management Program) and enable interoperable automation for cloud service providers (CSPs). […]
The Defense Information Systems Agency (DISA) issued an Aug. 15 provisional authorization that would enable Defense Department (DoD) components and mission partners to streamline cloud authorizations. […]
Federal officials spoke about the future role of the cloud in mobile device management (MDM) and security at the ATARC Federal Mobile Technology Summit today. […]
FITARA, FedRAMP, and 21st Century IDEA are all shaping Federal IT modernization efforts, explained Rich Beutel and Mike Hettinger at ServiceNow’s Knowledge 2019 Conference. […]
Leadership of the House Government Reform Subcommittee introduced legislation today that would codify into law the FedRAMP (Federal Risk Assessment and Management Program), and take a number of other actions aimed at making the program work more efficiently. […]
The Federal Risk and Authorization Management Program (FedRAMP) today announced the launch of its Ideation Challenge that aims to inform the next iteration of the program’s processes and supporting functions. […]
Federal IT is on the right path and is making progress on modernization, but Congress will continue to push agencies to modernize faster and address slowdowns in processes, including FedRAMP, said Representative Gerry Connolly, D-Va. […]
The Consumer Financial Protection Bureau (CFPB) did not fully assess and authorize all of its cloud systems and did not effectively communicate with the FedRAMP program management office, leaving its cloud security at risk, according to an inspector general report published July 17. […]
Democratic and Republican leaders of the House Subcommittee on Government Reform today previewed their bipartisan effort to create legislation that would codify into law the FedRAMP (Federal Risk Assessment and Management Program) program that standardizes security requirements of cloud services used by the government, and make the FedRAMP program operate more efficiently. […]
The House Government Operations Subcommittee’s hearing on the role of FedRAMP in IT modernization is scheduled to begin at 11 a.m., on Wednesday, July 17. […]
Matt Goodrich, a senior advisor at the General Services Administration’s Technology Transformation organization and former director of the FedRAMP (Federal Risk and Authorization Management Program) program, announced in a tweet today that he will depart Federal service on July 26. […]
Several high-ranking Federal agency tech leaders are set to testify before the House Government Operations Subcommittee on July 17 when it holds a hearing to consider the effectiveness of the FedRAMP (Federal Risk Assessment and Management Program) program that standardizes security requirements of cloud services used by the government. […]
With vendors in various stages of approval for companies in the Federal Risk Assessment and Management Program (FedRAMP) program, getting a cloud offering approved and at the right level can be confusing, but new guidance from the FedRAMP program management office (PMO) aims to fix that. […]
ACT-IAC announced it is seeking government and industry experts to volunteer for a work group to exchange information on cloud security authorizations to operate (ATOs). ACT-IAC is establishing the group to help the General Services Administration’s Technology Transformation Services (TTS) organization and FedRAMP learn more about industry’s approach to security and cloud authorizations. The group […]