The Cloud Safe Task Force (CSTF) – comprised of four nonprofits: MITRE, the Cloud Security Alliance (CSA), the Advanced Technology Academic Research Center (ATARC), and the IT Acquisition Advisory Council (IT-AAC) – held its fourth meeting on Wednesday to discuss how to achieve greater authorization-to-operate (ATO) reciprocity in cloud security practices. […]
By Dave Levy, Vice President, Amazon Web Services The FedRAMP Authorization Act was recently signed into law as part of the defense authorization bill, a signal that cloud technologies continue to have a permanent place in helping U.S. government agencies deploy secure and innovative solutions to accomplish their missions. Through this legislation, policy leaders on […]
Artificial intelligence (AI) and machine learning (ML) capabilities are still coming to bear as Federal agencies continue to understand how these technologies can help drive cloud adoption and evolution. However, to be successful in this environment Federal agencies must understand their security obligations and those of a cloud computing provider to ensure accountability, along with the role that AI/ML plays in security automation, a senior Cybersecurity and Infrastructure Security Agency (CISA) official said. […]
With this year’s $1 billion infusion into the Technology Modernization Fund – and possibly more funding on the way – government agencies have the unique opportunity to get their workforce up to speed on the latest tools and technologies available. But what resources exist to help government leaders meet the workforce education mission? […]
Security policies can be tricky to navigate with constantly changing technology, but when developing a cloud program, it’s vital for agencies to continually update those policies, according to Federal leaders. […]
ACT-IAC announced it is seeking government and industry experts to volunteer for a work group to exchange information on cloud security authorizations to operate (ATOs). ACT-IAC is establishing the group to help the General Services Administration’s Technology Transformation Services (TTS) organization and FedRAMP learn more about industry’s approach to security and cloud authorizations. The group […]
The Information Systems Audit and Control Association (ISACA) released a white paper this month that reinforces its suggested practices to bolster cloud security, privacy, and compliance. […]
The Defense Information Systems Agency–DISA–has granted IBM’s SmartCloud for Government a 12-month Department of Defense Provisional Authorization for systems hosting data at Impact Level 5–IL5. The move makes IBM’s Infrastructure-as-a-Service–IaaS–the latest cloud service available to Federal agencies for the highest level of unclassified information. […]