Sharon Woods, director of the hosting and compute center at the Defense Information Systems Agency, said systems integrators will continue to play a key role in DISA’s hosting and computing journey, particularly
More
The Federal Risk and Authorization Management Program (FedRAMP) has announced the release of updated Readiness Assessment Report (RAR) templates and guide for third-party assessment organizations. The updated RAR guide and templates seek
More
The Federal Risk and Authorization Management Program (FedRAMP) recently teamed up with the Cybersecurity and Infrastructure Security Agency (CISA) to apply CISA’s .govCAR methodology to score security controls of cloud service providers
More
The General Services Administration (GSA) will soon issue XML-automated validations to enable cloud services providers seeking an authority to operate to check whether all the required data is included in their security
More
The Federal Risk and Authorization Management Program is seeking public feedback on initial draft guidance meant to help cloud service providers develop the authorization boundary associated with their cloud offerings. The guidance
More
The Federal Risk and Authorization Program (FedRAMP) is permitting remote testing of certain data centers run by cloud service providers. “All remote testing must be explicitly detailed in the Security Assessment Plan
More
The Federal Risk and Authorization Management Program (FedRAMP) has updated a document that details the roles and responsibilities of each stakeholder in the cyber incident communication process. “Additionally, CSPs are responsible for
More
The Federal Risk and Authorization Management Program (FedRAMP) has released a document for vulnerability scanning procedures involving container technology for cloud environments. The Vulnerability Scanning Requirements for Containers guidance details standards for
More
The Cybersecurity and Infrastructure Security Agency (CISA) plans to provide in 2021 an updated Continuous Diagnostics and Mitigation (CDM) program that could help reduce reporting requirements for agencies while helping them improve
More
The National Institute of Standards and Technology (NIST) has issued a new report on forensic science challenges faced by law enforcement officers, auditors and other professionals in cloud environments. The report enumerated 62 cloud-related
More