Continuous Monitoring

May 7, 2019
Succeeding with FedRAMP: Continuous Monitoring

Introduction So, you’ve received your FedRAMP authorization, either through the Agency ATO or the JAB P-ATO process.  Now what? Unlike other programs,...

Read More
June 10, 2018
Inherent Risk Tiering for Third-Party Vendor Assessments

  Importance of Third-Party Risk Tiering It can be a challenging and overwhelming task to adequately manage the risk associated...

Read More
December 15, 2016
A+: AMI’s, Automation & AWS

A few weeks ago, I attended AWS re:Invent 2016 with nine of my colleagues. If you have never been, re:Invent is...

Read More
November 24, 2016
Stop by Booth 118 @ AWS re:Invent to Learn How We Can Secure Your Cloud

Read More
October 5, 2015
The AWS Shared Responsibility Model: Part 1 – Security in the Cloud

Cloud Service Providers (CSP) offer a range of infrastructure, platforms, and software for customers to consume. Whether you are looking...

Read More
June 23, 2015
Choosing a 3PAO: FedRAMP, Cybersecurity & Cloud Expertise are Vital

FedRAMP and the Cloud First policy As a direct result of the Cloud Smart Policy, the Federal Government is spending...

Read More
March 8, 2012
2012 RSA Security Conference

Like 20,000 other people across the country and world, I just returned from the 2012 RSA Security Conference.  It was...

Read More
July 1, 2011
Implementing Security Monitoring in Small and Mid-sized Organizations

I recently had the pleasure of leading a project implementing a security monitoring solution in a small organization. Based on...

Read More
October 11, 2010
Current State of FISMA Part 3: What Is the Target?

So, I’ve rambled a bit in the past several weeks on the current state of FISMA.  You’d think that somewhere...

Read More