OMB Seeks to Clarify Security Liability in Cloud Contracts; Thomas Santucci Quoted

The Office of Management and Budget (OMB) intends to standardize language in government contracts with cloud service providers to clarify terms with regard to security liability, Nextgov reported Wednesday.

“OMB has just stood up a [program management office] to work on a cloud [service level agreement] template for the federal government to be attached to every contract,” Thomas Santucci, director of the Data Center and Cloud Optimization Infrastructure program management office at the General Services Administration, said Wednesday at a Digital Government Institute-hosted virtual conference.

He noted that security was one of the topics cited in developing the new templates for cloud contracts.

Santucci added that he believes there is a need to update cloud SLAs and that his team is working on that within GSA. He also mentioned how the COVID-19 pandemic prompted some agencies to advance their move to the cloud.

You may also be interested in...

David McKeown

David McKeown: DOD Eyes Creation of Zero-Trust-Focused Portfolio Office

David McKeown, the Department of Defense's (DOD) equivalent of a chief information security officer, said DOD is looking to establish a portfolio management office that specializes in zero-trust cybersecurity. The office's creation would help DOD centralize and manage efforts to implement a zero-trust architecture, which strictly imposes requirements before one is able to access the defense network.