Home / News / Report: DISA Testing Military Systems Against New FedRAMP Security Controls

Report: DISA Testing Military Systems Against New FedRAMP Security Controls

The Defense Information Systems Agency is working with the military to identify mission-critical systems and running pilot tests for the additional Federal Risk and Authorization Management Program Level 3 security requirements, Federal News Radio reported Thursday.

Jason Miller writes the tests are conducted to help the Defense Department‘s risk executive function determine the applicability of the new requirements and the acceptable risk in bringing critical applications to the cloud.

“We are looking at the business case of the additional parameters for controlled unclassified information, because we are very conscientious about where our data resides and how it’s protected,” said Kevin Dulany, risk management oversight chief at DoD’s office of the chief information officer.

Miller reports Levels 3 and 4 have at least 20 added security standards, although agencies are also concerned about a potential new baseline for applications rated beyond the moderate level.

According to FedRAMP Director Maria Roat, agencies rated only 12 percent of their systems as having high security requirements, and they are also having difficulty pinpointing those systems.

However, as the June 5 deadline has passed for agencies to use cloud services that comply with the new FedRAMP low-to-moderate standards, agencies continue to adjust to the new requirements.

With the possibility of new standards for high-rated systems and changes to the continuous monitoring process, FedRAMP is also looking at future changes to the federal cloud service marketplace, writes Miller.

“We are thinking through that, as well as taking feedback from the cloud service providers and really getting industry’s take on what should the program look like two years out and how it’s going to morph,” Roat said.

Check Also

DARPA Launches Program Seeking High Performance Computing for Military Simulators

The Defense Advanced Research Projects Agency launched a new program to improve how virtual training environments replicate real-world interactions and host more complex systems. DARPA unveiled Monday that the Digital RF Battlespace Emulator program intends to build a new breed of High Performance Computing capable of supporting advanced radio frequency for simulators. 

Leave a Reply

Your email address will not be published. Required fields are marked *