News & Analysis as of

Cloud Computing Risk Management

Pillsbury - Global Sourcing Practice

An Update on Cloud Computing in the Financial Sector

In 2023, we summarized the U.S. Department of Treasury report that raised concerns about the growing reliance of financial institutions (FIs) on cloud computing. Treasury highlighted structural imbalances and regulatory blind...more

HaystackID

Inside CyberCX’s 2025 DFIR Report: MFA Failures and Espionage Risks Revealed

HaystackID on

The DFIR 2025 Threat Report from CyberCX offers a firsthand view of how cyber adversaries adapted and accelerated their tactics in 2024. Covering incidents across Australia, New Zealand, North America, and Europe, the report...more

Morgan Lewis - Tech & Sourcing

Next Gen Outsourcing Its About Transformation

The leveraging of outsourcing engagements to implement and support digital transformation solutions is emerging as the foundation for the next generation of outsourcing. Digital transformation is a critical part of many...more

Davis Wright Tremaine LLP

FedRAMP 20x Initiative Promises Major Changes for Federal Cloud Service Providers

Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more

Latham & Watkins LLP

GSA Announces Initiative to Revamp FedRAMP to Further Administration’s Priority of Promoting Government Efficiency

Latham & Watkins LLP on

FedRAMP 20x aims to increase efficiency through automation and removal of hurdles to FedRAMP authorization....more

Holland & Knight LLP

GSA Announces Overhaul of FedRAMP with Emphasis on Industry Input and Automation

Holland & Knight LLP on

The U.S. General Services Administration (GSA) recently announced plans to develop the Federal Risk and Authorization Management Program (FedRAMP) 20x – a new approach to the government-wide program for the security...more

Morgan Lewis

Data Center Operations: Aligning Supply Chain, Compliance, and Customer Expectations

Morgan Lewis on

The demand for data centers is continuing to accelerate, fueled largely by generative artificial intelligence (Gen AI), broader digital transformation, and organizations migrating to cloud infrastructure. Gen AI adoption...more

Sheppard Mullin Richter & Hampton LLP

FedRAMP 20x – Major Overhaul Announced to Streamline the Security Authorization Process for Government Cloud Offerings

On March 24, 2025, the Federal Risk and Authorization Management Program (“FedRAMP”) announced a major overhaul of the program, which is being called “FedRAMP 20x.” The FedRAMP 20x announcement stated there are no immediate...more

Cozen O'Connor

FedRAMP Update – New Approach(es) to Authorization on the Way

Cozen O'Connor on

On Monday, March 24, 2025, the General Services Administration (GSA) launched FedRAMP 20x, as an effort to automate parts of the program and create collaboration with the industry to improve authorization process for cloud...more

Wiley Rein LLP

FedRAMP Announces New Approach to Assessing Security of Cloud Services Providers, Leveraging Commercial Practices and Tools

Wiley Rein LLP on

WHAT: FedRAMP has announced that it will be working on a new framework for authorization and assessment of cloud services for federal consumption, calling the initiative “FedRAMP 20X” (announcement here). In response to...more

DLA Piper

Navigating the Future of Cloud Transformation

DLA Piper on

In a recent webinar forming part of DLA Piper’s ‘Digital Evolution in conversation with’ series, Rami Zayat caught up with Jan Geert Meents, Joanna Sykes-Saavedra and Sophie Levett to discuss the future of cloud...more

Morrison & Foerster LLP - Government...

FedRAMP 20x: Reformulating the Authorization Process

FedRAMP Director Pete Waterman recently unveiled the “FedRAMP 20x” plan – a proposal designed to reimagine and reformulate the FedRAMP authorization process for federal government use of cloud-based products and services....more

Venable LLP

Service-Level Agreements for Online or Cloud-Based Arrangements

Venable LLP on

Negotiating a service-level agreement sets clear expectations of each party's roles and responsibilities within online or cloud-based service arrangements. A service-level agreement (in particular, a "customer service-level...more

Sheppard Mullin Richter & Hampton LLP

FedRAMP Releases New Draft Authorization Boundary Guidance

Over the last few years, the Federal Risk and Authorization Management Program (“FedRAMP”) Program Management Office (“PMO”) has released two draft guidance documents related to defining the applicable boundary for security...more

Sheppard Mullin Richter & Hampton LLP

Looking Beyond FedRAMP – Lessons from the U.S. Treasury Cybersecurity Incident

In the ever-evolving world of cybersecurity, even organizations that meet stringent security standards can be victims of sophisticated cyberattacks. A notable example of this is the December 8, 2024 cybersecurity incident...more

Conn Kavanaugh

Three Things You Should Know About Service Level Agreements in SaaS/Cloud Contracts

Conn Kavanaugh on

When a customer purchases software-as-a-service (SaaS)–which is sometimes called a “cloud” service or product–the software is not hosted. It does not reside at the customer’s location or data center. Rather the software is...more

Morrison & Foerster LLP - Government...

Biden’s Final Cybersecurity Order Proposes Significant Changes, All to Be Implemented by the Incoming Administration

Citing the threats posed by foreign adversaries and criminal organizations, and seeking enhanced accountability for companies that provide software and cloud services to the federal government, the Biden administration has...more

American Conference Institute (ACI)

[Event] Advanced Forum on Global Export Controls - February 25th - 26th, Arlington, VA

Looking for something more advanced than your average export controls conference? Go beyond the basics at ACI’s 2nd Annual Advanced Forum on Global Export Controls. This premier event offers cutting-edge insights and...more

Mayer Brown

New EU Cyber Rules (NIS2) Take Effect; Implementing Rules Adopted

Mayer Brown on

On 17 October 2024, the European Commission adopted the first Implementing Regulation under the Network and Information Security 2 Directive (EU) 2022/2555 (NIS2), focusing on digital infrastructures and services. The...more

HaystackID

Critical Vulnerability in NVIDIA Toolkit Threatens Cloud AI Environments

HaystackID on

A critical vulnerability, CVE-2024-0132, has surfaced in NVIDIA’s Container Toolkit, placing a substantial portion of cloud environments at risk. Discovered by researchers at Wiz, the flaw affects both the NVIDIA Container...more

BakerHostetler

Looking in the Mirror: HHS OIG Audit Demonstrates HHS Agency’s Own Need for Focus on Cloud Security

BakerHostetler on

The OIG, the nation’s leader in fighting fraud, waste and abuse of Medicare, Medicaid and other HHS programs, periodically publishes reports on how federal healthcare programs could improve....more

BakerHostetler

FedRAMP Rewritten: OMB Publishes Guidance with FedRAMP’s Updated Vision, Scope and Governance Structure

BakerHostetler on

To dramatically scale up the Modernizing the Federal Risk and Authorization Management Program (FedRAMP) marketplace, the Office of Management and Budget (OMB) has completely rewritten FedRAMP’s vision, scope and governance...more

Fox Rothschild LLP

Navigating the CDK Global Ransomware Attack: Practical Guidance for Auto Dealerships

Fox Rothschild LLP on

CDK Global, a key provider of cloud-based software for auto dealerships, suffered a severe ransomware attack this week, disrupting operations for thousands of dealerships across North America. The attack has crippled vital...more

Pillsbury - Global Sourcing Practice

Why Are Cloud Transformations Challenging?

More than two decades in, cloud computing is no longer a technology that requires a herald or proselytizer. What began with government agencies and then financial institutions seeking expanded storage solutions and an...more

American Conference Institute (ACI)

[Event] 14th Advanced Forum on Global Encryption, Cloud & Export Controls - May 15th - 16th, San Francisco, CA

Hosted by American Conference Institute, the 14th Advanced Forum on Global Encryption, Cloud & Cyber Export Controls returns for another exciting year with curated programming that brings together a global gathering of...more

60 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide