CSP-AB

This is an informal message to the FedRAMP community that I'm making on personal social media that does not necessarily represent the views of GSA: The rumors of FedRAMP's demise are greatly exaggerated. A lot of stuff I'm hearing and seeing in the community right now is excessive fear, uncertainty, and doubt. Here are the publicly available facts: (1) FedRAMP agency authorizations continue to be finalized at a strong pace by the Noblis contract review team at the PMO and the authorization backlog is noticeably shrinking for the first time in ages (2) Agency authorizations continue to be the only path to FedRAMP authorizations and no changes to that path have been announced. Any changes to this path that affects CSPs would require public comment, ensuring no such change can be made before the public is informed and able to weigh in. (3) Things ARE changing. The administration has ordered government programs to focus on critical priorities to maximize efficiency. FedRAMP is established in law as a "Government-wide program that provides a standardized, resuable approach to security assessment and authorization..." The law is there, and things will change to align the program with it. (4) The operating environment is unpredictable AF. Folks are getting fired left and right with no warning, government agencies aren't communicating with stakeholders, maybe we're all getting shut down. Yeah, it's unprecedented. It has affected FedRAMP and it will continue to affect FedRAMP. It affects all of us. I get it - but please stop amplifying the FUD. Stop freaking out over rumors of a pilot concept for something new. My team goes into work every day focused on one mission: making more secure cloud services available to the government. We are public servants; we serve. If we can focus on the mission, so can you. Let's build something amazing together this year in spite of all this.

I had the privilege of leading ITI’s efforts to formulate a multi-association response to DFARS Case 2018-D064, which proposes new disclosure requirements for foreign obligations. These changes, stemming from Section 1655 of the NDAA FY 2019, could impact contractors, particularly those providing Commercially Available Off-the-Shelf products to the Department of Defense. Our key concern is that the proposal expands disclosure to COTS products, potentially creating barriers to entry and adding complexity. To align the rule with Congressional intent, we’ve proposed revisions to: limit disclosure to non-commercial products; preserve the nature of commercial products; and align requirements with vendors' actual knowledge. The defense industry needs regulations that foster growth and innovation, not hinder them. ITI stands ready to continue advocating for changes that benefit national security and a competitive defense sector. Read the letter here: https://lnkd.in/ejX53zew #Defense #Innovation #DefenseContracting #NDAA #COTS #IndustryFeedback #GovTech

?? Excited to Relaunch the Cloud Service Providers Advisory Board Website! ?? ( CSP-AB ) I’m thrilled to unveil the official updated website of the Cloud Service Providers Advisory Board (CSP-AB)! As the Board Chairman, I have the privilege of working alongside an incredible team made of industry leaders across all cloud companies to drive forward the mission of advancing cloud security, compliance, and innovation across government and regulated industries. The CSP-AB is committed to fostering collaboration between cloud providers and government agencies, addressing critical topics like: ? Cybersecurity reciprocity to streamline compliance. ? Modernizing regulatory frameworks for scalable adoption. ? Integrating cutting-edge technologies like AI/ML and Zero Trust into secure cloud environments. Our new website serves as a hub for: ?? Key resources, guidelines, and thought leadership. ?? Updates on policies and initiatives shaping the future of secure cloud adoption. ?? Opportunities for stakeholders to connect, collaborate, and contribute. Visit us at www.csp-ab.com to explore our vision and join the conversation about the future of secure cloud solutions. Together, we can drive innovation, streamline processes, and empower organizations to achieve their missions securely. #CSPAB #CloudSecurity #Compliance #Innovation #Leadership