Explore cloud security and FedRAMP certification in this 45-minute conference talk from Louisville InfoSec 2016. Delve into cloud computing fundamentals, top security threats, and adoption trends across commercial, private, and federal sectors. Learn about cloud mitigation models and security standards before focusing on the Federal Risk and Authorization Management Program (FedRAMP). Understand FedRAMP's purpose, key players, and three-stage process. Gain insights into gap assessments, checklists, risk assessment reports, audits, and required documentation. Discover certification paths, including agency sponsorship and the Joint Authorization Board. Walk away with essential knowledge on cloud security compliance and FedRAMP implementation strategies.
Overview
Syllabus
Intro
What is Cloud?
Top Cloud Threats
Cloud Adoption Commercial, private and federal organizations are interested in utilizing the cloud for many of its inherit benefits
Cloud Mitigation Model
Cloud Security Standards
What is FedRAMP?
Purpose of FedRAMP
FedRAMP Players
Three Stages of FedRAMP
FedRAMP Gap Assessment
Gap Assessment Checklist
FedRAMP RAR
FedRAMP Audit
FedRAMP Documentation
Paths to Certification
Agency Sponsorship
Joint Authorization Board
Key Take Away Points
Contact Info
