Government responses to evolving security threats have, to more or less a degree, started to incorporate advanced mitigation postures that reflect a world of networked systems and complex digital supply chains. 

To address this changing landscape, the president issued Executive Order 14028, “Executive Order on Improving the Nation’s Cybersecurity.” This 2021 order introduced a zero-trust approach to security and stricter requirements for authorization processes and baseline requirements. 

This article will discuss how some aspects of this executive order are impacting or will impact, FedRAMP Authorization for cloud service offerings. 

Read More

On February 20th, the FedRAMP PMO announced the release of the newest design for the FedRAMP Marketplace. While this news doesn’t necessarily shake the foundations of government compliance, the Marketplace it is an essential resource for agencies looking for a trustworthy source of information regarding cloud providers.

In this article, we’ll break down what kind of information you can find in the new Marketplace and highlight why this resource is so vital for the health and performance of the program.

Read More

In the world of industrial operations and automation, two acronyms often surface in conversations around process control and cybersecurity: Industrial Control Systems (ICS) and Operational Technologies (OT). This article aims to demystify the differences between ICS and OT, examining their unique characteristics, roles, and the critical importance of each in our increasingly connected and automated industrial landscape. Specifically, we’ll cover how a new revision to NIST 800-82 has moved from ICS to full-blown OT security and best practices. 

Read More