Government Technology Insider
  • About
  • State & Local
  • Civilian
  • Defense & IC
SUBSCRIBE
No Result
View All Result
  • Acquisition
  • AI & Data
  • Cybersecurity
  • CX
  • Digital Transformation
  • Hybrid Work
    • Work Smarter
  • Public Safety
  • Resources
    • Beyond Modernization
    • Technology Trends Shaping the Future of Government
    • World of Work
    • Your Digital Transformation Path Starts Here
    • The Frontlines of Customer Experience
    • Innovative Solutions for Connecting Agencies
    • Be Ready For What’s Next
Government Technology Insider
  • Acquisition
  • AI & Data
  • Cybersecurity
  • CX
  • Digital Transformation
  • Hybrid Work
    • Work Smarter
  • Public Safety
  • Resources
    • Beyond Modernization
    • Technology Trends Shaping the Future of Government
    • World of Work
    • Your Digital Transformation Path Starts Here
    • The Frontlines of Customer Experience
    • Innovative Solutions for Connecting Agencies
    • Be Ready For What’s Next
No Result
View All Result
Government Technology Insider
No Result
View All Result
Home Civilian

In 2022, Agencies Will Return Their Focus to FedRAMP Solutions

by Jenna Sindle
January 11, 2022
in Civilian, Cybersecurity
Reading Time: 4 mins read
A A
FedRAMP solutions
Share on FacebookShare on Twitter

It could be a breakthrough year for the Federal Risk and Authorization Management Program (FedRAMP). The SolarWinds attack of late 2020 brought a nearly overnight shift in the nation’s attention to securing its data networks and IT supply chain. In fiscal 2021, agencies reused more FedRAMP-authorized cloud security packages than ever before – a 45 percent increase from the prior year. The White House’s 2021 Executive Order on Improving the Nation’s Cybersecurity has brought more focus to FedRAMP solutions, calling for increased documentation and reporting, expedited adoption of Zero-Trust architecture, improved incident response, and further modernization of the program. This spotlight on FedRAMP means that agencies, legislators, and private contractors are making moves to further refine what it means to be FedRAMP authorized.

Since the SolarWinds attack, officials are seeking ways to tighten FedRAMP requirements and closely monitor overseas vendors in the IT supply chain. Legislators have expressed concerns over the dangers of federal cloud systems that are reliant on software code originally engineered overseas, particularly code engineered by geopolitical rivals. The Federal Secure Cloud Improvement and Jobs Act, introduced in Congress in late 2021, would codify the FedRAMP program into law, as well as require further assessment and possible restriction of software code with overseas origins that is used by authorized cloud products.

Amidst these initiatives, FedRAMP’s goal in 2022 is to increase automation to improve its business processes. Much of this work is focused on the adoption of Open Security Controls Assessment Language (OSCAL), a machine-readable framework that will standardize authorization packages and streamline reviews. Creating automated authorization packages will enable cloud service providers (CSPs) to validate their systems before submitting them to FedRAMP for review. These packages will also help drive continuous monitoring of CSPs as well as help third-party assessment organizations (3PAOs) speed up processes when certifying FedRAMP standards for cloud products.

Another FedRAMP goal this year is to update the baseline and test cases to NIST’s security and privacy controls, which have undergone a major revision over the past year. The FedRAMP Project Management Office (PMO) is also partnering with DHS, CISA, and the .govCAR methodology of conducting threat-based assessments of cyber capabilities to create a new scoring system based on the efficiency of detection and response to real-world threats. This initiative aims to speed up the FedRAMP authorization process by focusing on the current threat landscape rather than taking a broad-based approach that may require excess resources.

On IT and data modernization initiatives prior to the White House’s Executive Order (EO) on Cybersecurity, Andrew Churchill, VP of Federal Sales at Qlik, said, “Showing that we could solve a problem was easy. Helping federal agencies figure out how to get through all of the IT and security approvals to put that into production was something completely different.”

The White House’s EO has demonstrated a shift in how the federal government approaches cybersecurity. It provides clearer objectives, which not only demonstrates urgency but prepares agencies to set priorities and meet deadlines. Furthermore, the increased focus on strengthening the FedRAMP program has generated momentum among both agencies and private contractors, which will help the federal government execute its cybersecurity initiatives much faster and more deliberately.

Tags: cybersecuritydata modernizationFedRAMPNISTOSCALQliksolarwindsSupply Chain Attacks

RELATED POSTS

CISA and Congressional Leaders
Cybersecurity

CISA and Congressional Leaders Look to Combat Cyber Threats from Nation-State Actors

September 14, 2023
Zero Trust Ensures Secure Access from Anywhere for Federal Agencies
Civilian

Zero Trust Ensures Secure Access from Anywhere for Federal Agencies

September 11, 2023
Video: Strategies for Overcoming Cyber Threats with Technology and Threat Intelligence
Cybersecurity Strategies

Video: Strategies for Overcoming Cyber Threats with Technology and Threat Intelligence

August 31, 2023

TRENDING NOW

  • A True Zero Trust Approach Requires Federal Agencies to Move Beyond Compliance

    A True Zero Trust Approach Requires Federal Agencies to Move Beyond Compliance

    374 shares
    Share 150 Tweet 94
  • Meet Advana: How the Department of Defense Solved its Data Interoperability Challenges

    12049 shares
    Share 4820 Tweet 3012
  • DoD Leverages Cyber Threat Intelligence for National Security

    130 shares
    Share 52 Tweet 33
  • Making Identity Verification Equitable for All

    22 shares
    Share 9 Tweet 6
  • AI Implications – Power Requirements Going Nuclear on Local Grids

    30 shares
    Share 12 Tweet 8

CONNECT WITH US

BECOME AN INSIDER

Get Government Technology Insider news and updates in your inbox.

Strategic Communications Group is a digital media company that helps business-to-business marketers drive customer demand through content marketing, content syndication, and lead identification.

Related Communities

Financial Technology Today
Future Healthcare Today
Modern Marketing Today
Retail Technology Insider
Today’s Modern Educator

Quick Links

  • Home
  • About
  • Contact Us

Become a Sponsor

Strategic Communications Group offers analytics, content marketing, and lead identification services. Interested?
Contact us!

© 2023 Strategic Communications Group, Inc.
Privacy Policy      |      Terms of Service

No Result
View All Result
  • Home
  • About Government Technology Insider
  • State & Local
  • Civilian
  • Defense & IC
  • Categories
    • Acquisition
    • AI & Data
    • Customer Experience
    • Cybersecurity
    • Digital Transformation
    • Hybrid Work
    • Public Safety
  • Contact Us