Cloud First & Federal Controls – discussion from Federal News Radio

Federal News Radio Alex Grohmann of Morgan Franklin and John Dyson of Deloitte for a discussion of the controls imposed on the federal Cloud First initiative by NIST 800-53 and FedRAMP.   No joke, it can be a grind to listen to even though the participants have fun.  I found some real meat around minute… Continue reading Cloud First & Federal Controls – discussion from Federal News Radio

Cloud Benefits: Pay-as-you-go

“… Informational Technology expenses can be high, if consumed all at once ….”The New Normal, The Arrington Group IT expenses (servers, software licenses and skilled personnel) cost a LOT of money.  Traditionally some of these items were seen as assets for a company.  Assets can be justified as investments; that is to say that I… Continue reading Cloud Benefits: Pay-as-you-go

Cloud First, US Gov Style (FedRAMP)

“Cloud first” is an approach I’ve heard articulated as a means to delivering on business objectives.  The policy I’ve heard has referenced if not been predicated on the fact that the US government is implementing this policy in their federal agencies. My first thought: how is the government accomplishing such a presumably agile, flexible and… Continue reading Cloud First, US Gov Style (FedRAMP)

Risk

Risk is the likelihood that a threat agent (TA) will successfully exploit a vulnerability and introduce loss to a system.

Threat Agent

Threat Agent (TA) – An entity or experience that exposes a system to a loss.   The TA needn’t be cognizant as an earthquake can topple a data center without forethought or fire consumes building and paperwork without prejudice.  A TA may also be a hacker or hackers phishing for information.