StateRAMP to Open Membership Registration for Cloud Security Vetting Initiative in April

StateRAMP to Open Membership Registration for Cloud Security Vetting Initiative in April
Cloud Security Vetting

Not-for-profit-organization StateRAMP will begin membership registrations for its program aimed at helping vendors and agencies comply with cloud security standards (CSP) next month, GCN reported Tuesday.

StateRAMP, which is based on the Federal Risk and Authorization Management Program (FedRAMP), operates in compliance with National Institute of Standards and Technology’s (NIST) 800-53 controls to help ensure standardization among cloud service providers.

CSPs must undergo a readiness assessment to validate security controls and determine their potential to pass full FedRAMP assessments within a two to four-week period. StateRAMP has spent over 1,000 hours in outreach and awareness efforts on cloud security since its establishment in January.

The group’s outreach efforts include dialogue with 25 states and 44 out of over 800 cloud service providers that expressed interest in the organization’s cybersecurity vetting efforts.

Seventeen third-party assessment organizations for FedRAMP have announced their intent to concurrently serve as 3PAOs for StateRAMP.

You may also be interested in...

David McKeown

David McKeown: DOD Eyes Creation of Zero-Trust-Focused Portfolio Office

David McKeown, the Department of Defense's (DOD) equivalent of a chief information security officer, said DOD is looking to establish a portfolio management office that specializes in zero-trust cybersecurity. The office's creation would help DOD centralize and manage efforts to implement a zero-trust architecture, which strictly imposes requirements before one is able to access the defense network.