Today StateRAMP announced its growing list of states who are working with StateRAMP to validate the cybersecurity posture of their third-party suppliers who use or offer cloud products to deliver services.
StateRAMP launched in early 2021 and one year later, an expanded list of state and local municipalities are working with StateRAMP to validate provider’s cloud-based solutions to ensure all baseline cyber requirements are met.
Leading states include:
- New Hampshire
- North Carolina
With responsibilities for critical infrastructure, vital services, and mass storage of confidential data, government, at all levels, is a prime target for cybercrime.
“2021 was a record-breaking year for data breaches and software supply chain attacks,” said Steve Nichols, Chief Technology Officer at the Georgia Technology Authority. “As cybersecurity threats and risks have increased, state and local governments must ensure the suppliers they work with are able to meet minimum cyber requirements.”
StateRAMP provides state and local governments assurance that the suppliers they are working with meet the minimum cybersecurity standards through independent audits and ongoing continuous monitoring.
“Until StateRAMP, there was not a standardized method to provide state and local governments consistent, independent, and ongoing validation of a product’s cyber posture,” said J.R. Sloan, Chief Information Officer for the State of Arizona. “2That left states on their own, expending valuable resources evaluating vendor compliance. StateRAMP allows us to work together with our counterparts in other states and in the vendor community toward a common standard.”
StateRAMP is designed as a shared service for government and a streamlined service for suppliers who can verify their products one time and reuse that certification with each government agency they serve.
“Cybersecurity is a team sport. The bad actors are working together, why can’t we?” said Chance Grubb, Senior Staff Officer/OK-ISAC Lead, Oklahoma Cyber Command, Office of Management and Enterprise Services. “Being able to partner with StateRAMP allows us to better protect citizen data and infrastructure.”
“StateRAMP is a great example of what needs to take place to help us defend against attack,” said Rob Main, State Chief Risk Officer for the State of North Carolina.
“At launch one year ago, our goal was to work with three to five states in the first year. The level of interest in StateRAMP is far surpassing our expectations and incredibly exciting,” said Leah McGrath, Executive Director of StateRAMP. “Our team feels truly honored to be a part of this effort helping strengthen cybersecurity across the nation.”