Government Technology Insider
  • About
  • State & Local
  • Civilian
  • Defense & IC
SUBSCRIBE
No Result
View All Result
  • Acquisition
  • AI & Data
  • Cybersecurity
  • CX
  • Digital Transformation
  • Hybrid Work
    • Work Smarter
  • Public Safety
  • Resources
    • Technology Trends Shaping the Future of Government
    • World of Work
    • Your Digital Transformation Path Starts Here
    • The Frontlines of Customer Experience
    • Innovative Solutions for Connecting Agencies
    • Be Ready For What’s Next
Government Technology Insider
  • Acquisition
  • AI & Data
  • Cybersecurity
  • CX
  • Digital Transformation
  • Hybrid Work
    • Work Smarter
  • Public Safety
  • Resources
    • Technology Trends Shaping the Future of Government
    • World of Work
    • Your Digital Transformation Path Starts Here
    • The Frontlines of Customer Experience
    • Innovative Solutions for Connecting Agencies
    • Be Ready For What’s Next
No Result
View All Result
Government Technology Insider
No Result
View All Result
Home Civilian

In 2022, Agencies Will Return Their Focus to FedRAMP Solutions

by Jenna Sindle
January 11, 2022
in Civilian, Cybersecurity
Reading Time: 4 mins read
A A
FedRAMP solutions
Share on FacebookShare on Twitter

It could be a breakthrough year for the Federal Risk and Authorization Management Program (FedRAMP). The SolarWinds attack of late 2020 brought a nearly overnight shift in the nation’s attention to securing its data networks and IT supply chain. In fiscal 2021, agencies reused more FedRAMP-authorized cloud security packages than ever before – a 45 percent increase from the prior year. The White House’s 2021 Executive Order on Improving the Nation’s Cybersecurity has brought more focus to FedRAMP solutions, calling for increased documentation and reporting, expedited adoption of Zero-Trust architecture, improved incident response, and further modernization of the program. This spotlight on FedRAMP means that agencies, legislators, and private contractors are making moves to further refine what it means to be FedRAMP authorized.

Since the SolarWinds attack, officials are seeking ways to tighten FedRAMP requirements and closely monitor overseas vendors in the IT supply chain. Legislators have expressed concerns over the dangers of federal cloud systems that are reliant on software code originally engineered overseas, particularly code engineered by geopolitical rivals. The Federal Secure Cloud Improvement and Jobs Act, introduced in Congress in late 2021, would codify the FedRAMP program into law, as well as require further assessment and possible restriction of software code with overseas origins that is used by authorized cloud products.

Amidst these initiatives, FedRAMP’s goal in 2022 is to increase automation to improve its business processes. Much of this work is focused on the adoption of Open Security Controls Assessment Language (OSCAL), a machine-readable framework that will standardize authorization packages and streamline reviews. Creating automated authorization packages will enable cloud service providers (CSPs) to validate their systems before submitting them to FedRAMP for review. These packages will also help drive continuous monitoring of CSPs as well as help third-party assessment organizations (3PAOs) speed up processes when certifying FedRAMP standards for cloud products.

Another FedRAMP goal this year is to update the baseline and test cases to NIST’s security and privacy controls, which have undergone a major revision over the past year. The FedRAMP Project Management Office (PMO) is also partnering with DHS, CISA, and the .govCAR methodology of conducting threat-based assessments of cyber capabilities to create a new scoring system based on the efficiency of detection and response to real-world threats. This initiative aims to speed up the FedRAMP authorization process by focusing on the current threat landscape rather than taking a broad-based approach that may require excess resources.

On IT and data modernization initiatives prior to the White House’s Executive Order (EO) on Cybersecurity, Andrew Churchill, VP of Federal Sales at Qlik, said, “Showing that we could solve a problem was easy. Helping federal agencies figure out how to get through all of the IT and security approvals to put that into production was something completely different.”

The White House’s EO has demonstrated a shift in how the federal government approaches cybersecurity. It provides clearer objectives, which not only demonstrates urgency but prepares agencies to set priorities and meet deadlines. Furthermore, the increased focus on strengthening the FedRAMP program has generated momentum among both agencies and private contractors, which will help the federal government execute its cybersecurity initiatives much faster and more deliberately.

Tags: cybersecuritydata modernizationFedRAMPNISTOSCALQliksolarwindsSupply Chain Attacks

RELATED POSTS

Virtual Technology Briefing
AI & Data

Virtual Technology Briefing Showcases Strategies to Empower Agencies to Do More with Less

March 14, 2023
Contributed Articles

Silent But Deadly: The Cybersecurity Risks of Quiet Quitting

March 9, 2023
collaborating on cybersecurity
Cybersecurity

Collaborating on Cybersecurity Best Practices Enables Federal Agencies to Combat Global Threats

March 8, 2023

TRENDING NOW

  • Advana

    Meet Advana: How the Department of Defense Solved its Data Interoperability Challenges

    9333 shares
    Share 3733 Tweet 2333
  • Laid-off Tech Workers Find Unexpected Opportunities with Federal Government Contractors

    13 shares
    Share 5 Tweet 3
  • The Five Pillars of Zero Trust Architecture

    430 shares
    Share 172 Tweet 108

CONNECT WITH US

Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad
MaaS Nebula Software Factory Banner Ad MaaS Nebula Software Factory Banner Ad MaaS Nebula Software Factory Banner Ad
Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad
Advertisment Banner Ad Advertisment Banner Ad Advertisment Banner Ad
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Ad Advertisement Banner Ad Advertisement Banner Ad

BECOME AN INSIDER

Get Government Technology Insider news and updates in your inbox.

Strategic Communications Group is a digital media company that helps business-to-business marketers drive customer demand through content marketing, content syndication, and lead identification.

Related Communities

Financial Technology Today
Future Healthcare Today
Modern Marketing Today
Retail Technology Insider
Today’s Modern Educator

Quick Links

  • Home
  • About
  • Contact Us

Become a Sponsor

Strategic Communications Group offers analytics, content marketing, and lead identification services. Interested?
Contact us!

© 2023 Strategic Communications Group, Inc.
Privacy Policy      |      Terms of Service

No Result
View All Result
  • Home
  • About Government Technology Insider
  • State & Local
  • Civilian
  • Defense & IC
  • Categories
    • Acquisition
    • AI & Data
    • Customer Experience
    • Cybersecurity
    • Digital Transformation
    • Hybrid Work
    • Public Safety
  • Contact Us