Continuous ATO: Going from Authority to Operate (ATO) to Ability to Respond
This white paper explores best practices designed to help reduce the time and cost of ATOs while improving access to risk data using process automation.
FedRAMP ATO Prioritization for Generative AI Cloud Solutions
The US Government is continuing to move rapidly to ensure US competitiveness in the area of Artificial Intelligence (AI). The FedRAMP Program Management Office (PMO) published the Emerging Technology Prioritization Framework (ETPF) in January 2024. The ETPF is designed to help accelerate the availability of FedRAMP accredited Gen AI cloud solutions for federal agencies and […]
stackArmor’s ThreatAlert ATO® Accelerator Supports NIH AIM-AHEAD Program
Solution enables underrepresented communities greater access to AI/ML research capabilities MCLEAN, Va.–(BUSINESS WIRE)–stackArmor, a leading provider of cloud, security and compliance acceleration solutions for meeting FedRAMP, FISMA and CMMC 2.0, today announced it has been supporting Dr. Paul Avillach, one of the Multiple Principal Investigators of the National Institutes of Health (NIH)’s Artificial Intelligence/Machine Learning […]
GAO Report Details FedRAMP ATO Challenges and Costs
The US Government Accountability Office (GAO) released a report on The Federal Risk and Authorization Management Program (FedRAMP®). The 37 page report provides highly relevant insights to both agencies and commercial organizations pursuing FedRAMP accreditations or ATOs. Highlights from the report are presented below. Key Challenges Faced by Agencies and Cloud Service Providers (CSP) Receiving timely responses […]
FedRAMP and Federal Cybersecurity Market Roundup October 2023
October was a busy month for FedRAMP. From Federal Secure Cloud Advisory Committee (FSCAC) meetings to an automation overhaul, there were a slew of activities aiming to further prepare the program for the future it faces and will need to serve. Developing the Next Generation of FedRAMP The push to really explore FedRAMP’s upcoming chapter […]
Accelerating FedRAMP ATOs: OMB Memo
The Office of Management and Budget (OMB) released a Draft Memorandum for Modernizing the Federal Risk and Authorization Management Program (FedRAMP) on Friday, Oct 27, 2023. FedRAMP was codified in 2022 when Congress passed the FedRAMP Authorization Act (“Act”). The Act established FedRAMP within the General Services Administration (GSA) and created a FedRAMP Board to […]
FedRAMP and Federal Cybersecurity Market Roundup September 2023
It’s been a few weeks now since Carahsoft’s FedRAMP Headliner Summit, but there is no shortage of moments to recall from it. For instance, Robert Costello commemorated his two-year anniversary as CIO at the Cybersecurity and Infrastructure Security Agency (CISA) during the event. While speaking on his role, he explained the difference that has unfolded, […]
Looking Forward to the GovForward FedRAMP Headliner Summit
What’s the cloud hanging over cloud service providers’ heads? The rapidly evolving threat landscape. It’s challenging to keep up with the pace and scale of risk, which is especially true when you are working with clients as essential as federal government agencies. Therefore, it’s critical to not only maintain cyber hygiene, but to anticipate what’s […]
FedRAMP and Federal Cybersecurity Market Roundup August 2023
If federal cybersecurity were a play, regulatory programs such as FedRAMP would be like the directors helping to guide all of the participating actors properly execute their parts and bring the vision to life. And with the spotlight growing brighter due to the mass digital migration, evolving tech landscape, and expanding threat environment, they recently […]
Securing an Agency Sponsor for FedRAMP Agency-Sponsored ATO
Obtaining a mandated Federal Risk and Authorization Management Program (FedRAMP) Authorization to Operation (ATO) is increasingly important for Cloud Service Providers (CSPs) who wish to make Cloud Service Offerings (CSOs) available to federal government agencies. The FedRAMP Authorization Act codifies the security and compliance requirements for commercial CSPs as they increasingly shift away from on-prem […]