Author: TalaTek; Published: Feb 28, 2012; Category: Cloud Computing, Compliance, Continuous Monitoring, Federal Contractor, FedRAMP; Tags: Compliance, Continuous Monitoring, Federal law, FedRAMP; No Comments
On December 8, 2011, OMB issued the “Security Authorization of Information Systems in Cloud Computing Environments” policy, defining the Federal Risk and Authorization Management Program (FedRAMP). As the first steps in implementing FedRAMP, GSA published a revised set of security controls for Low and Moderate baselines (tailored specifically for cloud services) and released the FedRAMP Concept of Operations (CONOPS) on February 7, 2012. More Info»
Author: TalaTek; Published: Aug 2, 2011; Category: Compliance, Continuous Monitoring, Data Security, Federal law, Risk Management, Security; Tags: Compliance, Continuous Monitoring, Data Security, Federal law, Risk Management; No Comments
TalaTek began delivering FISMA continuous monitoring risk management services to its clients in 2008. At that time, this was something very few paid much attention to, and for the most part compliance efforts ended by signing the certification document. Customers were not interested in Continuous Monitoring services beyond that and instead waited for the annual or tri-annual anniversary to start the process all over again. More Info»
Author: TalaTek; Published: Jun 5, 2011; Category: Cloud Computing, Compliance, Continuous Monitoring, Cybercrime, Cybersecurity, Data Security, Federal law, Security; Tags: Compliance, Cybercrime, Cybersecurity, Data Security, DHS, Federal law, Risk Management; No Comments
The administration is serious.
In one of the first signs of how seriously the current administration takes cybercrime, on May 12 the White House sent its cybersecurity legislation to Capitol Hill, asking for changes in the law. Specifically, the White House wants the Department of Homeland Security (DHS) to have more authority – and responsibilities – in overseeing both private-sector and government networks. Additionally, the White House asked for a national data-breach law, one that would supersede the current state-by-state laws. More Info»