A new report argues that the Federal Risk and Authorization Management Program must evolve to better automate its laborious processes for approving cloud service providers and adapt to emerging technologies like Internet of Things and artificial intelligence.
The report by the Center for Cybersecurity Policy and Law, a trade association run out of the Washington D.C, law firm Venable, draws on documents and interviews with federal agencies and cloud service providers who have worked with FedRAMP. It characterizes the current state of the program as “well intended and partially successful” but also “no longer optimized for modern security solutions.”