Tired catchphrases such as "Compliance is not security", "You can't protect what you can't see" and "Cyber must speak the language of the business" abound in our industry, with numerous conversations focused on the problem. Given the rise of the API-centric economy, the time has come to end the debate once and for all around Security vs. Compliance Our panel of thought leaders shared best practices around: How to bridge the divide between secu...

RegScale and Carahsoft hosted this webinar to help you and your cybersecurity team prepare for DoD’s mandated Cybersecurity Maturity Model Certification (CMMC) program. Under the CMMC program, all Defense Industrial Base (DIB) contractors will be required to implement certain cybersecurity protection standards and perform self-assessments or obtain third-party certification as a condition of DoD contract award to better protect controlle...

FedRAMP recently released Revision 5, setting the new standard for secure cloud services in government operations. Want to know more about the transition from Rev. 4 to Rev. 5? In this educational on-demand session, our FedRAMP experts gave unique perspectives on the transition. In this webinar, attendees learned: Important changes introduced in Revision 5 and why. How Cloud Service Providers (CSPs) can complete the transition to FedRAMP Rev 5...

In the fast-evolving ecosystem of the Department of Defense, the way we perceive and manage compliance requirements is undergoing a paradigm shift. Compliance as Code emerges as the frontrunner to challenge traditional, manual vetting methods. Modern practices directly embed these prerequisites into infrastructure and application development processes. This offers the unique advantage of automated evidence collection, streamlining security rev...

Picture this: you're on the brink of securing that crucial ATO approval, but the path is fraught with pitfalls—complex regulations, potential human errors, and the constant specter of cyber threats lurking in the shadows. As an Authorized Official (AO), you're all too familiar with the uphill battle of navigating the complexities and risks of the ATO package approval process while maintaining the resilience of your organization's defense...

Regscale and Carahsoft joined forces in the lead up to TechNet Cyber 2024 to explore how your team can innovate, adapt, and collaborate in service of your mission goals by utilizing emerging technologies. As the landscape of government regulatory compliance evolves at an unprecedented pace, navigating the labyrinth of regulations while maintaining operational efficiencies has become increasingly daunting. Staying ahead of the curve is no longe...

Legacy compliance practices and waterfall acquisition models have hindered mission readiness for years—costing for some over $100K per month, per system and delaying the deployment of critical systems by more than two years. Between 2018 and 2022, only one of five major ATOs achieved a 3-year authorization, frustrating leadership and perpetuating bottlenecks. This fireside chat revealed how the USMC Community Services tackled these chall...