Cloud Security, Security Architecture, Supply chain, Risk Assessments/Management
Greater cloud IT vendor scrutiny sought by state cyber leaders
More state cybersecurity leaders have been working to ensure their organizations' cloud IT vendors have products that meet certification program standards, according to StateScoop.
"What we want to do is that once we know a vendor has a security posture established, we need to figure out what the shared responsibility model for the consumer-provider relationship. It's not good enough to say I'm in a FedRAMP environment like AWS or Google Cloud or Azure, but how do I configure my responsibilities in that environment to ensure I remain secure?" said Michigan Deputy Chief Security Officer Jayson Cavendish at StateScoop's Cybersecurity Modernization Summit.
Meanwhile, Texas has also established its own TexRAMP program, which permits vendors approved by FedRAMP or StateRAMP but also introduces standards tailored for the state's agencies.
"What we're asking is that vendors have the same security controls that we ask of our state agencies," said Texas Chief Information Security Officer Nancy Rainosek.
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds