by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : July 15, 2016
FedRAMP issues high-security baseline is the maximum contract ceiling for GSA’s Alliant 2 RFP $50B Trending July 15, 2016 FCW.COM 3 FCW CALENDAR Emerging tech The final round of DARPA’s Cyber Grand Challenge — dubbed the world’s first all-machine hacking tournament — will be held at DEF CON 24. Las Vegas defcon.org Cybersecurity ACT-IAC is hosting a forum focused on communicating cyber risks and the value of cybersecurity efforts across the organization. Washington, D.C . is.gd/ACTIAC_cyber 8/4-7 7/20 Cloud Justice Department CIO Joseph Klimavicz, Transportation Security Administration CIO Stephen Rice and Army Deputy CIO Gary Wang are among the speakers at FCW’s Cloud Summit. Washington, D.C . is.gd/FCW_cloudsummit 8/10 The General Services Administration issued its long-awaited high-securi- ty baseline for the Federal Risk and Authorization Management Program on June 22. Previously, federal agencies could migrate only low- and moderate-impact workloads to cloud service providers. The release of the high baseline will allow agencies to more widely use cloud services for their most critical data, FedRAMP Director Matt Goodrich said. And they can begin immediately. “We already have three vendors ready,” he added. “Agencies are already using the service.” The three vendors participated in a pilot test of the new high base- line, and they are among the largest CSPs: Microsoft Azure, CSRA and Amazon Web Services. Each now has provisional authority to operate from FedRAMP’s Joint Authorization Board. The high baseline will allow CSPs to handle and store data — such as personally identifiable information or health records — that if compromised could severely harm agency operations, assets or people. The new baseline could expand cloud procurement across the entire federal government. “With low and moderate [security standards], we addressed about half, or $40 billion,” of the $80 billion fed- eral IT market, Goodrich said. Those baselines couldn’t address the security needs of the other $40 billion of federal IT spending, however. More than a year in the making, the high-security baseline has been subject- ed to extensive public comment from stakeholders. FedRAMP’s Program Management Office issued a second draft earlier this year that looked at controls after getting input from com- mercial and federal stakeholders. GSA has been polishing the lat- est draft for months, but the release date kept slipping. FCW learned that some of the delay was attributable to a lengthy Department of Homeland Security review. Multiple sources con- firmed that the document had been under DHS review for the past month as final touches were made to one con- trol feature in particular. DHS approval is needed because it is one of the three agencies — along with GSA and the Defense Department — whose CIOs make up the JAB. DHS has other, broader responsibilities for federal network protection and has shown itself to be a stickler for detail. Goodrich told FCW the lengthy time- line for developing the baseline helped ensure that it would be effective for the critical services it seeks to protect. “With the moderate baseline, you can have shared services outside the boundary” and other less stringent requirements, Goodrich said. “With the high baseline, you can’t be outside the boundary.” GSA worked with CSPs, third-party assessment organizations and the other two JAB agencies to refine the base- line. Goodrich said the collaboration will help efforts to speed cloud approv- als through the FedRAMP Accelerated program. — Mark Rockwell ZAIDHAMID “W ith the moderate baseline, you can have shared services outside the boundary. With the high baseline, you can’t be outside the boundary.” — MATT GOODRICH, GSA 0715fcw_003-011.indd 3 6/28/16 11:14 AM
June 30, 2016
July 30, 2016