New FedRAMP standards open for feedback
The Federal Risk and Authorization Management Program, better known as FedRAMP, recently released a draft of its latest security standards. These standards aim to improve the federal government's ability to embrace cloud integration and related new technologies while increasing its cybersecurity posturing.
Now, FedRAMP is seeking feedback on these suggested proposals from both industry leaders and federal agencies. After 45 days, FedRAMP will release a second draft, at which point there will be an opportunity for additional public comments.
Speaking at a cloud computing event, Matt Goodrich, director of FedRAMP, explained that he hopes to officially approve of the new standards before the end of the year, NextGov reported.
As of now, the vast majority of federal cloud integration efforts have been based in just a few agencies, with the rest of the government yet to catch up, Goodrich pointed out. However, in the coming months this is likely to change.
Goodrich went on to explain that these will be the most rigorous cloud security standards yet developed by FedRAMP. However, he also emphasized that these will not be final in any capacity, the source noted. On the contrary, he explained that FedRAMP's cloud integration guidelines will continue to evolve on an ongoing basis.
Adaptation is essential for both cloud computing in general and cloud security specifically. Not only is the technology always in flux, but cyberattackers and other threats are also constantly developing new, improved strategies for penetrating cloud defenses. For the federal government to confidently embrace this technology, as it clearly must, then cybersecurity needs to be treated as a priority at all times. Relying on outdated strategies will put departments at serious risk of a data breach.
That is why agency leaders should not assume that FedRAMP is sufficient, in and of itself. Instead, they should continue to seek out advanced defensive measures to truly protect their ongoing cloud integration efforts.