Just like I did for FISMA, I wanted to review the Federal Risk and Authorization Management Program Security Controls (FedRAMP), and provide you with my view of it. As stated on GSA’s website, FedRAMP is “a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. ...

Note: Bits & Bytes is a new reoccurring column featuring interesting figures in the security industry.  The intent is to provide a quick interview that allows readers to learn more about the interview subject and their views of our industry.  This edition features Mischel Kwon. About Mischel:  Mischel Kwon is an IT executive with more ...

Participating in a public cloud means that there are two independent parties involved. When two parties are involved, a relationship is formed. And just as it happens with any kind of relationship – each party has their own expectations. If they don’t get met – feelings might get hurt. Arguments and frustrations are normal, and ...

I was recently watching a replay of the CBS 60 Minutes report that originally aired in November 2009 called “Sabotaging the System”. The segment talked about viruses, malware, and hackers that have infected the public and non public networks. These include the federal networks such as the US Central Command (CENTCOM) network http://www.centcom.mil/about-u-s-central-command-centcom.  In 2008 the ...

“In silent bars, in silent rooms, in silent cars, you hide where you can. And me, I know just where you are, you see, I’m a bomber man”  -  From Bombers by Gary Numan  This week President Obama released his plans for a “leaner” military.  There has been a lot of debate about whether or not this ...