FedRAMP in Bloomberg

Abel Sussman, Senior Project Manager, Commercial Services, Coalfire

Recently Bloomberg Government published an article that describes the increasing awareness of the Federal Risk and Authorization Management Program (FedRAMP) as a major factor affecting the federal marketspace. The article indirectly indicates a major first-mover advantage, as there are “only 77 products” available to fulfill over two hundred Bloomberg-identified FedRAMP opportunities.

It is worth noting that 86% of these opportunities are not restricted by the lowest price, technically acceptable (LPTA) category. This marks a major acknowledgement by the federal government that it will award based on value and "that agencies may be willing to pay more for FedRAMP-approved products and services".

Because the FedRAMP program standardizes security authorization, cloud service providers that successfully receive a FedRAMP Authority to Operate (ATO) quickly benefit from economies of scale and can "realize the benefits of being part of the program for years".

These elements, combined with the likely passage of the Modernizing Government Technology Act, point to an increasing and profitable federal cloud services market.

Coalfire is a FedRAMP Accredited Third Party Assessment Organization (3PAO) that performs Readiness, Assessment and Continuous Monitoring services for cloud service providers pursuing FedRAMP.

Related Coalfire Information:

Blog - FedRAMP Plans for 2017

Blog - The Cost of a FedRAMP Assessment from a 3PAO Perspective

Webinar - DoD Cloud Security, FedRAMP Readiness and FedRAMP for High-impact Systems
