Revving Up for Rev5, Part 3: Recommendations and Timelines

FedRAMP R5 represents a lot of change. So much change that we can’t track it all in this one blog, though we gave it the Old College Try:   In this last installment of the series we’ll serve up recommendations and tips from Anitian’s on-staff security and compliance experts about how to navigate the R4-to-R5 transition. Then we’ll cover […]

Revving Up for Rev5, Part 2: SCRM, Privacy and Encryption

In Part 1 of this three-part blog series we provided an overview of FedRAMP Rev5 changes: why they came about, what they aim to accomplish and – perhaps most importantly – how they’ll drive significant changes in the FedRAMP ATO process, technologies, and expectations. Now in Part 2 we get to dive into three meaty areas that […]

Revving Up for Rev5: When Threats Evolve, FedRAMP Must Evolve

It’s been a tough couple of years for cybersecurity strategists and practitioners. In 2021, supply chain attacks on Kaseya, Solar Winds, Accellion and other hardware and software providers sowed doubt into their long-standing assumptions of trust. Ransomware piggybacked on some of these exploits to drive their severity and urgency (see Kaseya, again). Even when these attacks weren’t embedded deep […]