The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, Retail, Financial Services, Healthcare, Higher Education, Payments, Government, Restaurants, and Utilities.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts. We look forward to your comments, so please join the conversation.


  • The Cost of a FedRAMP Assessment from a 3PAO Perspective

    September 22, 2016, Abel Sussman, Senior Project Manager, Commercial Services, Coalfire

    FedRAMP.gov recently published a blog titled ‘How Much Does It Cost to Go Through FedRAMP?’ As a FedRAMP Third Party Assessment Organization (3PAO), we wanted to provide additional factors for consideration for organizations that are evaluating or pursuing a FedRAMP authorization.

  • FedRAMP deadline - Industry and Agency Days

    May 15, 2014, Rob Barnes, Director, Federal Practice

    The FedRAMP PMO sent out a notification that they are holding a FedRAMP Industry Day on June 4, 2014 and an Agency Day on June 10, 2014. Items to discuss include the June 5, 2014 deadline, NIST SP 800-53 rev 4 transitions, and the 3PAO privatization progress, to name a few. We wanted to republish the notification for those who may not have seen it.

  • The Top 3 Security Issues in Federal Cloud Computing

    April 17, 2014, Rob Barnes, Director, Federal Practice

    A journalist recently asked me for my top three pressing concerns related to Federal cloud security. Here are a few points I had to offer up.

  • DoD DIACAP transition to RMF approved

    April 03, 2014, Tom McAndrew, EVP Commercial Services, Coalfire

    Welcome DIARMF! This has been a long time coming. From DITSCAP to DIACAP and now to DIARMF: on March 12, the Department of Defense approved the transition to a Risk Management Framework (RMF) approach developed by NIST.

    What does this mean for Information Systems and Platform Information Technology that are already authorized or in the authorization process? While there are many details affecting DoD Unified Capabilities, Cryptography Trusted Platform Module and Cybersecurity Reciprocity…the broad instruction is explained below.

  • Determining if your Company is Prepared for FedRAMP

    May 13, 2013, Tom McAndrew, EVP Commercial Services, Coalfire

    Many companies interested in pursuing FedRAMP are seeking guidelines, checklists and any referenceable source to help them understand and determine their level of preparedness to go through the FedRAMP process. The GSA's FedRAMP.gov site provides documentation on the FedRAMP process in their "Guide to Understanding FedRAMP." In it is a 12-step checklist to help organizations gauge their readiness for FedRAMP.
