RSS Alerts
Vivek Kundra, Federal Chief Information Officer

Share

More services

Related Links

Related Stories

  • Grading Obama on Cybersecurity
    Early in his term, President Obama promised to address the issue of cybersecurity by continuing and even expanding upon the efforts of the previous administration. Lauren Moraski surveys experts in the field, providing an assessment of the job the new president is doing so far to address this issue
  • Cracked USB drives show NIST certification is not so secure
    Vendors of encrypted USB drives are recalling their NIST-certified products and issuing security updates after a fundamental flaw was found in the way that information is accessed. The flaw enables attackers to access encrypted data without trying to tackle the AES256 encryption algorithm used by the drives.
  • White House will spend $20bn on cloud computing in 2012 says White House CIO
    Vivek Kundra, chief information officer of the White House, told the audience at the Cloud Security Alliance Summit in San Francisco this morning that the White House will be spending $20bn on cloud security according to the new 2012 budget.
  • Majority of government personnel do not receive enough software security training
    Nearly 80% of personnel at government agencies and contractors said their organization did not provide sufficient training and guidance for software security application development and delivery, according to a survey by non-profit IT security trade group (ISC)².
  • NIST issues revised Electronic Authentication Guideline
    The National Institute of Standards and Technology (NIST) has issued a revised version of its Electronic Authentication Guideline (now NIST SP 800-63-1), originally published in 2006 as NIST SP 800-63.

Top 5 Stories

News

Federal CIO asks NIST to aid government’s transition toward cloud computing

10 June 2010

Federal chief information officer Vivek Kundra called upon NIST to help the federal government move toward increased adoption of cloud computing and has appointed the agency to develop standards and guidelines that promote secure implementation of cloud technologies.

While addressing an audience at a recent NIST-sponsored cloud computing forum, Kundra outlined the federal government’s data center consolidation efforts to reduce overlap and subsequently called for developing a uniform set of standards to promote security in the transition toward cloud computing.

“This is a huge opportunity for CIOs across the federal government to rethink how they are investing in information technology”, Kundra said. He then asked the audience to consider the appropriate applications that are candidates for moving to the cloud “without violating the privacy of the American people or compromising national security in any way”.

Kundra also discussed the Federal Risk and Authorization Management Program (FedRAMP), and how it can facilitate the cost-effective benefits of cloud computing by creating a uniform set of security standards to certify cloud computing offerings. Under the current process, cloud vendors are forced to certify products with every agency, sometimes hundreds of them. Kundra called this a highly inefficient certification model and suggested that agencies leverage the processes of other government departments to avoid waste and overlap.

“A number of these agencies can potentially leverage common platforms across the board”, he told the audience, including allowing state governments to take advantage of already-certified federal systems, which allows for cost savings at more than one level of government.

“We can create cross-government [certification] platforms so that we actually realize, not just the savings, but the value much faster, and we also accelerate the adoption towards cloud computing”, Kundra added.

For its part, NIST said it will begin to work with other government agencies and standards organizations in developing a framework to integrate current standards and identify gaps that may exist.

The institute noted that it will serve as a technical advisor to FedRAMP, “which will allow agencies to collaboratively develop baseline FISMA security criteria and authorization to operate deliverables upfront for use of cloud computing vendor products and services”. The aim here is to avoid redundancy, and save money for cash-strapped government IT departments across the nation. “Once a baseline is approved, each agency could augment the baseline according to its individual data and mission system security authorization needs”, NIST added.

This article is featured in:
Cloud Computing • Compliance and Policy  • Public Sector

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012