NIST, GSA, DHS and DOD have released version 1.0 of their Continuous Monitoring Strategy & Guide, attached below. The Guide describes the FedRAMP strategy for CSPs to use once they have received a FedRAMP Provisional Authorization. CSPs must continuously monitor their cloud service offering to detect changes in the security posture of the system, enabling well-informed, risk-based decision making. This guide instructs CSPs on the FedRAMP strategy for continuously monitoring their systems.
The Guide includes a discussion of the role of US CERT in incident handling:
The shared tenant architecture of cloud services implies that a single incident may impact multiple federal agencies leveraging the cloud services. It is a FedRAMP requirement that CSPs obtain assistance with incidents from their customer agencies and from US-CERT. Obtaining assistance starts with reporting incidents. Working as a team, agencies, CSPs, and US-CERT are positioned to handle and resolve incidents faster than if each entity worked on incidents alone.