Join Us Aug 24, 2022

Wednesday, August 24, 2022 at 7:30am ET

As the FedRAMP program approaches the end of its first decade, an increased threat landscape has prompted changes throughout government. FedRAMP program executives have been updating its cloud security offerings to provide a system of security controls that offer a threat-based approach to risk management. The new framework was the result of work by the CISA .govCAR team at Department of Homeland Security that developed a scoring system for each of NIST’s 800-53 security controls. The new approach allows agencies to rank threats and respond effectively.

DOD also recently updated its Cloud Security Guide to reduce the differences between Defense security guidance and FedRAMP, and offered new opportunities for reciprocity between the systems.

And on the legislative front, Congress has been debating and is moving forward with legislation that would codify FedRAMP requirements and establish an advisory board.

Executives from government and industry will examine the new policy developments, how the changing threat environment challenges agencies with limited people and budgetary resources and lessons learned from the log4j vulnerability.

Attendees at this event will come away with a better understanding of:

• What the proposed rules on incident reporting can mean for agencies
• How a threat based approach to risk management offers more security
• How new data on threats and responses is helping create new frameworks
• Why including security frameworks in enterprise mobility management is essential
• What changes may be coming for acquiring cloud services thru a new marketplace
• How state and local governments are progressing with StateRAMP