DOD Cloud Security, FedRAMP Readiness and FedRAMP HIGH

Coalfire Webinar

FedRAMP has made new announcements over the past couple of months. FedRAMP announced the availability of FedRAMP authorization requirements for HIGH-impact level systems and the new Readiness Assessment Report (RAR) process to assess CSP capabilities to begin the FedRAMP process and gain the ‘FedRAMP Ready’ status. Additionally, we are hearing of more clients in pursuit of the DoD SRG Level 6 authorization, this relies on the completion of a FedRAMP moderate assessment and will discuss the opportunities that CSPs have in also pursuing a DoD SRG authorization.

This free webinar will discuss both of those new announcements and how CSPs can plan the process.

  • The FedRAMP capabilities assessment that results in a Readiness Assessment Report (RAR) must be conducted by a FedRAMP accredited 3PAO. We will discuss the controls that will be tested as part of the capabilities assessment and highlight typical next steps that CSPs pursue based on the outcome of the RAR and to continue the FedRAMP preparation process.
  • FedRAMP+ and DoD SRG Level 6 assessments. The FedRAMP authorization process for civilian Agencies is mirrored by the DoD Cloud Security Requirements Guide process. Leveraging a FedRAMP Moderate ATO, CSPs can also be assessed for the requirements of DoD SRG. Coalfire will discuss how this can be done in parallel and what the extra effort in controls and enhancements are for CSPs to serve the DoD market.
  • FedRAMP authorization for High-impact level systems is now public. This is a test of 421 controls, almost 100 more than for moderate-impact level systems, for systems that process data at the Sensitive/Unclassified level. Coalfire will discuss ways to prepare for the High authorization assessment from either starting a new environment for FedRAMP High assessment or up-leveling from your Moderate system authorization.

Attendees of the webinar will learn about:

  • The FedRAMP capabilities Readiness Assessment Report process and how to get started
  • FedRAMP for High-impact level systems.
  • The DoD SRG assessment process for CSPs to pursue DoD Cloud business.

Abel Sussman, Practice Lead for Coalfire’s Federal assessments and Cyber Risk Advisory services will lead the discussion along with Andrew Williams and Jake Schaeufele also from Coalfire's Federal assessment team.

This webinar requires registration. Please fill out the form to receive access.