Once again, the Cybersecurity-COI is moving the needle in the cyber space. Continuing a tradition we started with our first #zerotrust whitepaper, James Saunders, Gaurav Pal, Dan Jacobs, and team have produced a must-read document for all #cybersecurity practitioners (federal and industry) in the government contracting space.
Founder of Multiple Cyber Practices | Chief Strategy Officer at Foxhole | Industry Chair @ ACT-IAC Cybersecurity COI | CISSP
The American Council for Technology - Industry Advisory Council (ACT-IAC) Cybersecurity-COI is pleased to announce the publication of a white paper entitled "ATO as Code: Enabling #Cybersecurity Modernization Through Risk Management Framework Compliance Automation". The report issues a call to action for a unified approach for modernizing the Authorization to Operate (#ATO) process or Risk Management Framework (#RMF) implementation. This report articulates the significance of intelligent automation in bolstering the efficiency and effectiveness of compliance efforts, thereby enhancing cybersecurity risk management. It underscores the necessity for standardized data communication and advocates for the adoption of Open Security Controls Assessment Language (#OSCAL), an open framework for automating assessments. In addition, the report introduces the Compliance Automation Process Maturity Model (CA PMM), a five-tier framework for organizations to adopt and scale the OSCAL. The report concludes with strategic recommendations for key entities including Congress, the Cybersecurity and Infrastructure Security Agency (CISA), the GSA, the National Institute of Standards and Technology (NIST), and other Federal agencies. This work holds significant implications for both cybersecurity experts and policymakers, providing a roadmap for modernizing and automating compliance processes.
Read the paper now - https://lnkd.in/e8JPdSWu
Thank you to the collaborative efforts of our government/industry project volunteers who developed this game-changing resource - James Saunders (U.S. Office of Personnel Management (OPM)), Dan Jacobs (OPM), Gaurav Pal (stackArmor), Paul Weston (U.S. Department of Homeland Security U.S. Immigration and Customs Enforcement (ICE)), Satyaveer Satvat, CISSP, PMP®, FAC P/PM III, CSPO, SAFe® (GSA), Macey Smith (US AI), David Nguyen, JD, MBA, CISSP, PMP, SAFe, CSM (US AI), Rachel Sile (U.S. Department of the Interior), Dr. Prentice Norman, CISSP, PMP, CEH, ITIL v3, CSM, CSAM (VMD Corp.), Pirooz Javan (Easy Dynamics Corp), Janis Richards (Gunnison Consulting Group, Inc.), Marcus Walker (ASRC Federal), Jamal Webster (CGI Federal), and Hidayatullah Ahsan (TechIcon, Inc.).
Sean Connelly🦉 Darryl E. Peek II Brian Tirch Robert Wood Steven Hernandez Heather Kowalski Beau Houser Amy Hamilton, Ph.D. Dr. Tiina K.O. Rodrigue, EdD - she/her