OMB To Set Standards for Cloud Computing Security Contractors offering cloud computing solutions will have to meet new governmentwide cybersecurity standards. The Office of Management and Budget said the Federal Risk and Authorization Management Program, known as FedRAMP, will eliminate the need for contractors to get their cybersecurity controls approved by every agency they deal with. “FedRAMP is a huge step forward in accelerating cloud adoption in the federal government,” said federal chief information officer Steven Van Roekel. He estimated the program will save 30% to 40% of the cost of adopting cloud solutions. “It’s going to save cost, time, money and staff,” he said in a December 8 media conference call. Dave McClure, associate administrator of GSA’s Office of Citizen Services and Innovative Technologies, said the one-stop for accreditation of cybersecurity solutions will save contractors “an enormous amount of dollars that they spend now doing that time and time again.” OMB plans to issue guidance to industry shortly on how to submit their cloud solutions for accreditation. Products and services will be evaluated by designated third-party organizations. The program will become operational over the next year. TechAmerica, a leading IT trade association, welcomed the announcement. “Federal Agencies adopting the cloud is inevitable. The only question is if it will be done in a secure or insecure fashion,” said Jennifer Kerber, Vice President of Federal Homeland Security Policy. “The FedRAMP program could be the game-changer in this equation. As such, it should be appropriately funded.” OMB has adopted a Cloud First policy for IT services, but Van Roekel said security is one of the main concerns of agencies when they consider migrating to the cloud. The security standards were developed by an interagency group including the National Institute of Standards and Technology. “FedRAMP will reduce duplicative efforts, inconsistencies and cost inefficiencies associated with the current security authorization process,” Van Roekel said in a memo to agency CIOs. Cybersecurity Powers Growth in IT Cybersecurity will be the one bright spot as federal IT spending is squeezed over the next few years, according to the research firm Deltek. Analyst Deniece Peterson projects annual growth of nearly 9% in cybersecurity spending between now and 2016. That compares to just 2% annual growth in the total federal IT market. She said the number of federal cybersecurity incidents reported to the Department of Homeland Security’s U.S. Computer Emergency Readiness Team has increased 659% percent in the past five years.