Ashley Mahan: FedRAMP Seeks to Improve Certification Process With Threat Intell Reports

Jeff Brody
Ashley Mahan

Ashley Mahan, acting director of the General Services Administration’s Federal Risk and Authorization Management Program, said FedRAMP is moving toward a threat-based approach to risk monitoring and authorization, Federal Times reported Wednesday.

“Right now, we’re working with various government agencies in obtaining that threat intelligence information, what kinds of threats are posed to our IT, and we’re literally mapping that to the suite of controls and security requirements that our cloud service providers meet,” Mahan said Wednesday at the Billington CyberSecurity conference in Washington, D.C.

She said adjusting the security requirements based on threat information would help agencies prepare for such vulnerabilities once they field their cloud platforms.

“It gives the agency the ability to start using the product faster … and not only that, we’re going to take that information and also apply it to continuous monitoring,” Mahan added.

You may also be interested in...

Army Multi-Domain

Army Activates 2nd Multi-Domain Task Force in Germany for Defeating A2/AD Networks; Col. Jonathan Byrom Quoted

U.S. Army Europe and Africa has activated the 2nd Multi-Domain Task Force, a group tasked to stop adversary anti-access/area-denial networks in land, air, water, space and other environments. The 2nd MDTF will be based at the Clay Kaserne installation in Wiesbaden, Germany, and will be led by Col. Jonathan Byrom, the Army said Friday.