The General Services Administration (GSA), in consultation with the Office of Management and Budget (OMB), has announced the inaugural members of the Federal Secure Cloud Advisory Committee (FSCAC).
The FSCAC was created by legislation approved late last year that codified the Federal Risk and Authorization Management Program (FedRAMP) into law.
The 11-year-old FedRAMP program is operated by GSA to provide a standardized, government-wide approach to security assessment, authorization, and continuous monitoring for cloud products and services used by Federal government agencies.
The FSCAC will advise and provide recommendations to the GSA administrator, the FedRAMP Board, and Federal agencies to ensure effective and ongoing coordination in acquisition and adoption of cloud computing products and services.
“Technology changes fast, so ensuring the Federal government, and especially FedRAMP, can quickly respond to that constantly evolving product and threat landscape is critical,” GSA Administrator Robin Carnahan said in a May 12 press release.
“We’re eager to get feedback from both industry and agency partners about how we can improve the experience of using FedRAMP by streamlining the process and enhancing security. Establishing this new Federal Secure Cloud Advisory Committee is an important first step,” she added.
The committee is comprised of 15 members from the public and private sectors, appointed by the GSA administrator, in consultation with the OMB director. The inaugural members include:
- Committee Chair:
- Ann Lewis, GSA
- At least one representative each from the Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST):
- Branko Bokan, CISA
- Matt Scholl, NIST
- At least two officials who serve as the chief information security officer (CISO) within an agency:
- Bo Berlas, GSA
- LaMonte Yarborough, Department of Health and Human Services (HHS)
- At least one official serving as Chief Procurement Officer (or equivalent) in an agency:
- Nauman Ansari, Small Business Administration (SBA)
- At least one individual representing an independent assessment organization:
- Marci Womack, Schellman
- At least five representatives from unique businesses that primarily provide cloud computing services or products, including at least two representatives from a small business:
- Victor Brown, IBM
- Michael Vacirca, Google
- Ravi Jagannathan, Palo Alto Networks
- John Greenstein, Bluescape (small business representative)
- TBD (small business representative)
- At least two other representatives from the Federal government as the administrator determines necessary to provide sufficient balance, insights, or expertise to the committee:
- Jackie Snouffer, Defense Information Systems Agency (DISA)
- Bill Hunt, Securities and Exchange Commission (SEC)
- Fifteenth Member (no category)
- Joshua Cohen, Department of Veterans Affairs (VA)