The Federal Risk and Authorization Management Program has listed some actions it requires CSPs, or cloud service providers, to perform in response to an emergency directive released by the Cybersecurity and Infrastructure
MoreA report by the Atlantic Council’s Cyber Statecraft Initiative under the Digital Forensic Research Lab has identified compounded dependence and delegated control and visibility as two risk factors that should inform the
More by Jane Edwards
The Federal Risk and Authorization Management Program has added two new columns to the Plan of Actions and Milestones template to help agency partners track findings related to the Cybersecurity and Infrastructure
More by Jane Edwards
Alex Stamos, partner at the Krebs Stamos Group and a federal advisory committee member at the Cybersecurity and Infrastructure Security Agency, said he believes basic security functions should not be sold as
More by Jane Edwards
The Federal Risk and Authorization Management Program is seeking public feedback on initial draft guidance meant to help cloud service providers develop the authorization boundary associated with their cloud offerings. The guidance
More by Jane Edwards
The Federal Risk and Authorization Program (FedRAMP) is permitting remote testing of certain data centers run by cloud service providers. “All remote testing must be explicitly detailed in the Security Assessment Plan
More by Jane Edwards
The Federal Risk and Authorization Management Program (FedRAMP) has updated a document that details the roles and responsibilities of each stakeholder in the cyber incident communication process. “Additionally, CSPs are responsible for
More by Jane Edwards
The Department of Justice's (DOJ) Security Operations Center (JSOC) has passed an assessment conducted by the Department of Homeland Security (DHS). DHS said Thursday that its Cybersecurity Service Provider delivered the assessment
MoreThe Federal Risk and Authorization Management Program (FedRAMP) has released a document for vulnerability scanning procedures involving container technology for cloud environments. The Vulnerability Scanning Requirements for Containers guidance details standards for
MoreThe Cybersecurity and Infrastructure Security Agency (CISA) plans to provide in 2021 an updated Continuous Diagnostics and Mitigation (CDM) program that could help reduce reporting requirements for agencies while helping them improve
More by Jane Edwards