FedRAMP Seeks Comments on White Paper on Threat-Based Authorization Approach

FedRAMP Seeks Comments on White Paper on Threat-Based Authorization Approach

The Federal Risk and Authorization Management Program management office released a white paper that outlines a threat-based scoring approach for authorization processes and asked for industry feedback and comments.

The approach was jointly developed with the Cybersecurity and Infrastructure Security Agency to score each security control item under the fourth revision of the National Institute of Standards and Technology's Special Publication 800-53 against the second version of the National Security Agency Central Security Service's Technical Cyber Threat Framework, the FedRAMP program management office said Wednesday.

FedRAMP aims to help cloud service providers, industry partners and government agencies focus on security controls that are relevant against current threats.

The program encourages the public to send their comments through email in line with the methodology.

The Office of American Innovation conducted a study in 2017 in an effort to validate the viability of a modular approach on authorizations.

The study noted that a defensible methodology that focuses on security controls is required to support an agile authorization approach.

You may also be interested in...


Air Force Taps SpaceX to Investigate High-Capacity Manufacturing Tech for Thermal Protection Systems

Air Force Research Laboratory has awarded an $8.5 million contract to SpaceX to enhance manufacturing technologies used to produce hypersonic-capable thermal protection systems, Space News reported Monday.

AlertTrace by VOS Systems

USAF Procures Contact Tracing Tech From VOS Systems for COVID-19 Response Efforts

VOS Systems received a contract of an undisclosed sum from the U.S. Air Force to deliver, field and sustain an electronic COVID-19 contact tracing tool.

5G technology

VA Hospital Adopts T-Mobile 5G Platform; David Bezzant Quoted

T-Mobile has helped the Department of Veterans Affairs implement 5G technology at a hospital in Miami to support care delivery and telehealth services through instant mobile connectivity.