- FedRAMP: Cloud Controls to Manage Risk
-
Just like I did for FISMA, I wanted to review the Federal Risk and Authorization Management Program Security Controls (FedRAMP), and provide you with my view of it. As stated on GSA’s website, FedRAMP is “a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. ...
Read More...
- NIST SP800-144 Guidelines on Security and Privacy in Public Cloud Computing – A Relationship Manual
-
Participating in a public cloud means that there are two independent parties involved. When two parties are involved, a relationship is formed. And just as it happens with any kind of relationship – each party has their own expectations. If they don’t get met – feelings might get hurt. Arguments and frustrations are normal, and ...
Read More...
- Keep Your Enemies Closer: Advanced Threat Management
-
I was recently watching a replay of the CBS 60 Minutes report that originally aired in November 2009 called “Sabotaging the System”. The segment talked about viruses, malware, and hackers that have infected the public and non public networks. These include the federal networks such as the US Central Command (CENTCOM) network http://www.centcom.mil/about-u-s-central-command-centcom. In 2008 the ...
Read More...
