The agency developed an online comment tool to release future controls and assessment procedures concurrently to keep pace with evolving cyber threats.
A new GAO report reveals that few agencies have implemented recommended practices for managing IT supply chain risks, especially pertinent following the SolarWinds attack.
The five-year BPA streamlines acquisition of hardware and software products and services to not only federal agencies but state, local and tribal governments.
FedRAMP Acting Director Ashley Mahan (second from right) sits on a cloud security panel at VMware’s Public Sector Innovation Summit on Oct. 2. (Dave Nyczepir / FedScoop)
CDM Program Manager Kevin Cox speaks on a panel at the Billington Cybersecurity Summit on Washington, D.C. on Sept. 5, 2019. (Dave Nyczepir / FedScoop)
The scores won't be public, though, "because we know adversaries will be looking to see which agencies are having problems," says Continuous Diagnostics and Mitigation program manager…