Photo of Michael G. Gruden, CIPP/GPhoto of Evan D. WolffPhoto of Kate GrowleyPhoto of Nkechi KanuPhoto of Jacob Harrison

On March 24, 2025, the Federal Risk and Authorization Management Program (FedRAMP) unveiled “FedRAMP 20x,” a proposal to make FedRAMP more efficient by automating FedRAMP security assessments and continuous monitoring, simplifying required technical controls, and leaning on industry to provide tooling and solutions to support automation. Continue Reading FedRAMP 20x: Proposed Framework Aims To Increase Automation and Efficiency

Photo of Peter J. EyrePhoto of M.Yuan Zhou

CMMC, DOJ, FedRAMP

This week’s episode covers DOD’s proposed rule regarding Cybersecurity Maturity Model Certification 2.0, DOJ’s new Corporate Whistleblower Awards Pilot Program, and an OMB memo that proposes updates to FedRAMP, and is hosted by Peter Eyre and Yuan Zhou. Crowell & Moring’s “Fastest 5 Minutes” is a biweekly podcast that provides a brief

Photo of Peter J. EyrePhoto of Olivia Lynch

This week’s episode covers a new Executive Order on Climate-Related Financial Risk, the final DFARS provision on contract closeout, a new SBA decision involving a mentor-protégé joint venture, and a FedRAMP update, and is hosted by partners Peter Eyre and Olivia Lynch. Crowell & Moring’s “Fastest 5 Minutes” is a biweekly podcast that provides a

Photo of Kate M. Growley, CIPP/G, CIPP/US

Just before the closing bell for 2012, the federal government gave its first approval for government-wide security authorization to a cloud service provider.  On December 26, the General Services Administration (GSA) certified its first cloud service provider under the Federal Risk and Authorization Management Program, more commonly known as FedRAMP.  The GSA expects last month’s