FedRAMP, IT security, and the cloud

Alex Grohmann & John Dyson, ISSA NOVA

wfedstaff |

July 9, 2013 — Security standards for federal information technology professionals can be difficult to understand.

In other words, you are not the only one confused with a 457 page document on federal security.

Associations have sprouted up that have local chapters to help.

One well know group is the Information Systems Security Association, commonly known as the ISSA.

In the studio today are Alex Grohmann, senior manager at Morgan Franklin, and John Dyson, manager at Deloitte.

They are representing the Information Systems Security Association, Northern Virginia Chapter or I-S-S-A NOVA.

Grohmann and Dyson give an overview of how the federal government has evolved in its strategy to be more secure.

Initially, they had to do on inventory of systems to see what was in place.

Only after a system has been defined can you make the next step called continuous monitoring.

Both security professionals explain how one should approach NIST 800.53 rev 4 as well as giving suggestions on where to get more information.


Federal Tech Talk

TUESDAYS at 1:00 P.M.

Host John Gilroy of The Oakmont Group speaks the language of federal CISOs, CIOs and CTOs, and gets into the specifics for government IT systems integrators. Follow John on Twitter. Subscribe on Apple Podcasts or Podcast One.

Sign up for breaking news alerts