Stephen Kovac, chief compliance officer and head of global government affairs at Zscaler, said the role of the Federal Risk and Authorization Management Program in ensuring the security of federal information technology systems has become increasingly important and the government should provide FedRAMP with personnel, funding and other resources to enable the program to meet its mission of delivering secure cloud to agencies.
“While codifying FedRAMP will be an important step, the FedRAMP project management office and Joint Authorization Board teams must grow to meet the growing requirement for JAB and agency authorizations,” Kovac wrote in a guest article published Thursday on FCW.
“And to grow, they need funding. Funding comes from appropriations, and you need a bill for appropriations,” he added.
He mentioned his participation in the Senate Homeland Security and Governmental Affairs Committee roundtable and shared his insights on the Federal Secure Cloud Improvement and Jobs Act.
Kovac cited the availability of industry programs that could assist small software providers looking to receive FedRAMP certification and the program’s use of Federal Information Security Modernization Act and National Institute of Standards and Technology standards to improve cybersecurity.
He described FedRAMP as a “force multiplier” for securing federal IT networks and systems and how funding and the move to codify the program through the proposed legislation could help the federal government meet current and future IT security challenges.