Tag Archives: FedRAMP

Matt Goodrich: FedRAMP Website Updates Key on Info Availability, Stakeholder Education

The General Services Administration emphasized wider availability of information on the FedRAMP cloud computing initiative and user experience with updates to the program’s website that went live in March, FedRAMP’s director has told Executive Gov. Matt Goodrich, who has led the FedRAMP initiative for GSA since September 2011, also said the agency has included a new …

Read More »

Michaela Iorga: NIST’s New Cloud Security Guidance Puts Focus Beyond FedRAMP Baseline

The National Institute of Standards and Technology is developing new guidelines on cloud security controls to supplement the Federal Risk and Authorization Management Program’s baselines and impact levels, FierceGovernmentIT reported Thursday. Molly Bernhart Walker writes that Michaela Iorga, NIST’s senior security technical lead for cloud computing, said the future NIST Special Publication 800-174 …

Read More »

Andy Ozment, Luke McCormack Testify on DHS’ Cyber Priorities

Andy Ozment, assistant secretary for cybersecurity and communications at the Department of Homeland Security, testified before a Senate panel on the $1.4 billion proposed cyber budget for fiscal year 2016 at DHS, Federal News Radio reported Wednesday. Sean McCalley writes that Ozment highlighted DHS’ desire for the increased budget to support DHS …

Read More »

Profile: Maria Roat, Transportation Department CTO

Maria Roat serves as chief technology officer at the Transportation Department, where she leads the department’s technical vision and strategic direction. She most recently served as director of the Federal Risk and Authorization Management Program from January 2013 through August 2014. The 30-year information technology veteran previously served at the …

Read More »

Matthew Goodrich Eyes ‘Risk-Based’ Model for FedRAMP’s CDM Portion

Matthew Goodrich, director of the Federal Risk and Authorization Management Program, has said he wants to transform FedRAMP’s approach toward continuous monitoring of computer systems to a more “more risk-based” approach in an interview with FCW published Thursday. Goodrich told FCW that the continuous monitoring functions within are FedRAMP is “solid” but remain based on compliance, Sean …

Read More »

Report: Agencies Eye Cloud Encryption Gateways to Protect Data in the Cloud

Government agencies are turning toward data encryption technology to supplement the network security standards in the Federal Risk and Authorization Management Program as some agencies remain wary of cloud, Federal News Radio reported Friday. Jason Miller writes that chief information officers and chief information security officers at agencies are looking for clearer data protection …

Read More »

Matthew Goodrich: FedRAMP’s Revamped Website to Offer Training for Cloud Security Authorization Process

The Federal Risk and Authorization Management Program’s website is being updated to include training modules designed to educate agencies and vendors about the approval process for cloud offerings, Federal Times reported Thursday. Aaron Boyd writes Matthew Goodrich, FedRAMP director, said his office plans to unveil a dedicated FedRAMP portal in …

Read More »

FedRAMP Unveils Draft of High-Impact Cloud Security Standards; Matt Goodrich Comments

The Federal Risk and Authorization Management Program office seeks public feedback on a draft baseline for hosting and securing high-impact federal information systems in cloud environments, FierceGovernmentIT reported Thursday. Dibya Sarkar writes FedRAMP’s Joint Authorization Board currently only authorizes cloud offerings that require low- to moderate-level security. The higher baseline …

Read More »