Unleashing government efficiency: Why a fully resourced and modernized cloud authorizing entity is key

The White House’s push for government efficiency, spearheaded by the newly established Department of Government Efficiency, rightly emphasizes the need to “modernize federal technology and software to maximize efficiency and productivity.” The key to achieving this vision and unlocking true efficiency lies in streamlining the adoption of secure, cutting-edge cloud technologies — a process relying on the Federal Risk and Authorization Management Program (FedRAMP) to ensure federal agencies can rapidly adopt innovative solutions while ensuring federal data is processed and stored in environments that meet rigorous cybersecurity and compliance standards.  

Since 2011, FedRAMP has been the cornerstone of the federal government’s cybersecurity strategy, serving as the primary conduit for secure cloud adoption. Operating under a “do once, use many” model, this centralized entity enables cloud service providers to complete a single, comprehensive security evaluation and authorization that multiple federal agencies can reuse. This can accelerate technology adoption while ensuring a uniform, high-security standard for cloud services across all federal civilian agencies. 

The payoff is substantial. A recent General Services Administration assessment revealed that FedRAMP has saved taxpayers an estimated “$700 million in one-off Agency assessment and authorization costs.” Without such a centralized security authorization framework, agencies must repeatedly conduct separate, costly, and time-consuming security reviews for a cloud service offer — slowing modernization efforts, driving uneven outcomes, and wasting taxpayer dollars.

Emily Murphy, former head of GSA under the first Trump administration, underscored this in a recent op-ed: 

“Efficiency is not just about cutting. Investing in well-run programs can save taxpayer money. One great example within GSA is the Federal Risk and Authorization Management Program (FedRAMP), which offers a streamlined process to certify that cloud software is secure before it is purchased by government agencies . . . Eliminating it would lead to more bureaucracy in the long run.”

Murphy further notes that FedRAMP’s greatest challenge is its limited capacity to process certifications. Investing in the program could increase competition and lower costs across the government.

As agencies increasingly rely on AI-driven analytics and technologies, containerized environments, and multicloud strategies, the need for a fully resourced, centralized authorization program is greater than ever. Investing in automation and process improvements will standardize and accelerate security approvals while preventing unnecessary delays and bottlenecks.  

Public-private collaboration is essential to success. By partnering with leading cloud and security providers, FedRAMP can continuously strengthen security, automate and streamline approvals, and ensure agencies can rapidly access innovation solutions — benefiting government operations and the services they provide to the country.

Without sustained investment, including into automation and process tools, agencies risk being locked into outdated, inefficient, vulnerable systems — jeopardizing national security, critical infrastructure, and the efficient delivery of essential services. Historically, FedRAMP has been resourced at a level that merely sustains status quo operations. However, as demand for commercial cloud services across the federal executive agencies continues to grow, FedRAMP must scale to meet this demand and tackle the growing backlog.  

Every dollar spent strengthening a centralized cloud security framework translates into exponential savings. By eliminating redundant assessments, accelerating cloud adoption, and reducing overall costs, agencies can streamline operations, enhance security, and drive innovation.  

FedRAMP is more than just a compliance program. It’s the bedrock of secure cloud adoption in the federal government, setting a crucial baseline and standard that can be leveraged by the private sector and serve as a global model. This framework also gives American businesses — especially small and medium-sized cloud providers — a structured way to enter the federal market and compete. To truly realize the White House’s modernization vision, we must invest in our cloud technology authorization program — it’s the key to unlocking the transformative power of cloud technology, ensuring a more secure, efficient, and responsive government that can best serve the American people.

Daniel Gorfine is CEO of advisory firm Gattaca Horizons and serves as senior advisor to the Cloud Service Providers-Advisory Board (CSP-AB). He previously served as the chief innovation officer at the Commodity Futures Trading Commission.