Ep 120: A FedRAMP ATO The Good, The Bad, and the Ugly

Published: June 20, 2023, 3:42 p.m.

To do wide-scale business within the US federal government, cloud service providers (CSPs) need a FedRAMP ATO. The prospect can be daunting as few CSPs have federal cyber compliance expertise. Misconceptions and misinformation can create additional roadblocks.

In this episode, your host John Verry, CBIZ Pivot Point Security Managing Director , sits down with Mike Craig, CEO at Vanaheim Security, who gives clear guidance with business and security leaders on what it takes to get a FedRAMP ATO, including best practices and common mistakes.

In this episode, join us as we discuss:

\u2022 Key considerations to help decide if a FedRAMP ATO is worth pursuing
\u2022 How long a FedRAMP ATO really takes, how much it really costs, and why
\u2022 The three stages of the FedRAMP journey
\u2022 Key participants in the FedRAMP \u201cdance\u201d and how they relate
\u2022 Huge pros and cons of an agency sponsorship versus the JAB authorization path to a FedRAMP ATO

To hear this episode and many more like it, we encourage you to subscribe to the Virtual CISO Podcast.

Just search for The Virtual CISO Podcast in your favorite podcast player or watch the Podcast on YouTube here.

To stay updated with the newest podcast releases, follow us on LinkedIn here.