With DISA’s acceptance of FedRAMP for tech contractors, the Department of Defense’s tech contracts will become a little bit more interoperable. It’s part of a big push from the Pentagon to modernize and streamline how they acquire new enterprise technology. Jack Wilmer, Chief Information Security Officer at the Department of Defense, told Government Matters that the FedRAMP while acceptance isn’t completely reciprocal at this time, it’s still a huge step forward.
“Any FedRAMP moderate authorization will now be available immediately to process DoD public data. There are still additional steps that are required for DoD-controlled unclassified information. We do have direct reciprocity with FedRAMP high certifications for that,” Wilmer said. “You can leverage a FedRAMP moderate and then undergo a bit of additional DoD work to make sure it meets our standards.”
Essye Miller, Principal Deputy CIO at the Department of Defense, says that developing the Department’s cyber workforce is a top priority.
“We were just getting the direct-hire authority, which gave us much more flexibility than we’ve traditionally had. When an organization knows what their requirement is, they can recruit higher. I think our time to hire is down to about 40 days,” Miller said.“It gives us a much higher response rate and attracts a different kind of workforce who is more interested in not having to go through what they consider bureaucracy to begin with.”