Over the years, the federal government has created a series of mandates to push agencies toward adopting better cybersecurity practices and solutions. The goal is not to define a one-size-fits-all security strategy across government, but to provide a good foundation on which agencies can build.
Today, three cybersecurity mandates guide most agency efforts: the Federal Risk and Authorization Management Program (FedRAMP) for cloud security; the Continuous Diagnostics and Mitigation (CDM) program for network visibility and data security; and the Trusted Internet Connections (TIC) program for internet-based security.
Over the years, the federal government has created a series of mandates to push agencies toward adopting better cybersecurity practices and solutions. Today, three cybersecurity mandates guide most agency efforts: the Federal Risk and Authorization Management Program (FedRAMP), for cloud security; the Continuous Diagnostics and Mitigation (CDM) program, for network visibility and data security; and the Trusted Internet Connections (TIC) program, for internet-based security.
The mandates were developed largely independent of one another, yet increasingly they are seen as interlocking pieces of a larger puzzle. That puzzle is this: How can agencies create a more agile IT environment — one that evolves as mission requirements evolve — without compromising the security of their networks, systems and data?
This guide looks at that puzzle, focusing on the individual mandates and how they interrelate.
Download the guide to read more about how FedRAMP, CDM and TIC are evolving and how they will shape future federal cybersecurity efforts. You'll learn:
- The differences in scope between FedRAMP, CDM and TIC and how each mandate complements the others.
- The current state of cybersecurity in government today and current trends in compliance and spending.
- Best practices in federal cybersecurity including multi-agency continuous monitoring and least privilege access management.
Plus, hear from the program managers and directors for these mandates at the Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS) and General Services Administration (GSA) as well as thought leaders from Carahsoft's cybersecurity partners.