Government Operations Subcommittee to Examine the Federal Government’s Use of Secure Cloud Services

Jul 16, 2019
Press Release

Washington, D.C. (July 16, 2019)—On Wednesday, July 17, 2019, Rep. Gerry Connolly, the Chairman of the Subcommittee on Government Operations, will hold a hearing on “To the Cloud! The Cloudy Role of FedRAMP in IT Modernization.”

 

WHERE: 2154 Rayburn House Office Building

 

WHEN: Wednesday, July 17, 2019

 

TIME: 11:00 a.m.

 

The hearing will broadcast here

 

PURPOSE

 

The hearing will examine the extent to which FedRAMP has reduced duplicative efforts, inconsistencies, and cost inefficiencies associated with cloud security authorization process.

 

BACKGROUND

 

The Office of Management and Budget (OMB) established FedRAMP in December 2011 to provide joint authorizations and continuous security monitoring services for cloud services for all federal agencies.

 

FedRAMP seeks to provide a cost-effective, risk-based approach for the adoption and use of cloud services by standardizing security requirements for the authorization and ongoing cybersecurity assessments of cloud services for information systems.

 

The federal government spends roughly 80 percent of its $90 billion in IT spending on operations and maintenance of existing systems, including many legacy systems.   Programs like FedRAMP are critical to accelerating the government’s adoption of modern and improved IT solutions. 

 

The 2019 Federal Cloud Computing Strategy, CloudSmart, reported on some of FedRAMP’s challenges and the continued need for process evolution and standardization.  It stated that “a lack of reciprocity across agencies when adopting FedRAMP authorizations has led to significant duplication of effort when assessing security for product deployment.  In addition, a large number of agency-specific processes has made it complicated for agencies to issue an Authorization to Operate (ATO) for solutions, even when using existing authorized cloud service providers.”

 

WITNESS

 

Panel One

Anil Cheriyan

Director, Technology Transformation Services

General Services Administration

 

Jack Wilmer

Deputy Chief Information Officer for Cybersecurity

U.S. Department of Defense

 

Joseph Klimavicz

Deputy Assistant Attorney General and Chief Information Officer

U.S. Department of Justice

 

Jose Arrieta

Chief Information Officer

U.S. Department of Health and Human Services

 

Panel Two

Jonathan Berroya

Senior Vice President and General Counsel

Internet Association

 

Douglas Barbin

Principal

Schellman & Company, LLC

 

Will Ackerly

Chief Technology Officer

Virtru

 

Lynn Martin

Vice President of Government, Education, and Healthcare

VMware

116th Congress