Articles with Cybersecurity

The Shift Toward Continuous Authorization: Embracing Automation in Federal Compliance

Continuous Authorization, or cATO, can mean different things depending on context. In the federal public sector, I’ve encountered numerous strategies and interpretations.

Human-Driven Assessments: The Traditional Approach

Traditionally, authorization assessments have been human-driven. We’ve explored continuous approaches, which typically involve increasing


The case for FedRAMP to adopt a common OSCAL API Specification

The Federal Risk and Authorization Management Program (FedRAMP) program management office (PMO) recently published a request for quote (RFQ) for a governance risk and compliance (GRC) solution that intends to implement OSCAL (Open Security Controls Assessment Language) and facilitate compliance


DevSecComp(liance)Ops with OSCAL

NIST held its 3rd Open Security Controls Assessment Language (OSCAL) Workshop earlier this month, and it was abundantly clear from the content and participation that the OSCAL standard and community have gained momentum and have a real opportunity to revolutionize


Say Goodbye to Passwords: Our Journey to Passwordless

Historically, passwords have been the go-to method to secure information systems. However, as time has passed, they’ve become harder to memorize, create a lot of pain for IT to maintain, and are a significant source of daily frustration for billions


Zero Trust, Zero Compromise: Implement a Zero Trust Strategy

Zero Trust is becoming quite the buzzword these days, with organizations and government agencies releasing more guidance and strategies for their Zero Trust initiatives every day[1][2][3]. With so much new information being published all the time, understanding the core of

