FedRAMP Has Impact on Commercial Businesses As Well, Adobe CIO Says

(Image: Shutterstock)

The main Federal security certification program designed to accelerate cloud adoption throughout the government has also become an important security standard for the commercial world, according to Cynthia Stoddard, senior vice president and chief information officer of Adobe.

“Disney, Sony and others ask to review our FedRAMP package,” Stoddard said, referring to the General Services Administration’s Federal Risk Authorization and Management Program. She made the comments Tuesday at the Adobe Digital Government Symposium in Washington, D.C.

FedRAMP, which some have criticized as a costly, time-consuming requirement for government contractors to check off their list, can also be an informative standard for commercial businesses looking for cloud providers.

Government agencies are moving toward cloud providers to modernize their legacy systems and provide better services. However, government employees are still adjusting to the changes that come with working with different systems.


There has been a lot of cloud talk, but how are agencies putting it into action? Where is cloud making a difference in terms of agencies’ mission effectiveness? What tangible results are agencies–and their budgets–realizing from moving workloads to the cloud? Join government and industry thought leaders on Wednesday, June 7, for the 2017 Cloud Computing Brainstorm at the Newseum as we discuss how cloud can help make government IT great again.


“We just had a breakfast with government leaders where we talked about challenges, change management, and where do you begin and where do you start unraveling it,” Stoddard said in an interview with MeriTalk. “Providing that guidance and best practices are how to work with them.”

Adobe went through the same change management process when it transitioned to offer cloud as a service. Adobe offers virtual private cloud packages that adhere to the NIST Cybersecurity Framework and include risk management controls for its government customers.

In order for Adobe to transition to the cloud the company went through several back-office changes, including scaling its operations for increased customer service and billing every month instead of once a year. This way, Adobe sympathizes with government agencies that are still getting accustomed to agile IT acquisition.

Stoddard said that the government can achieve the same level of customer experience as the private sector.

“Citizens expect the same type of service from the government,” Stoddard said. “Government agencies need to take a user-centric approach to delivering services.”

This type of customer experience encourages citizens to engage more in the public sector, according to Karen Terrell, vice president of Americas Public Sector for Adobe.

“If you’re having a better experience engaging with our government, you’re more apt to be engaged,” Terrell said.

Stoddard said that the biggest challenge for technology is recruiting the right IT professionals.

“I would say that talent and readying the workforce for the future is a challenge … to make sure we have the right skills to match the technology, that we’re thinking about analytics,” Stoddard said. “It’s a whole mind-set change, so I would say that the change management component is probably one of the biggest challenges. Technology tends to be easy but matching the people and helping them go along with their journey is the challenge.”

One of the skills needed for the future of IT is the ability to use artificial intelligence and machine learning to combat cybersecurity threats.

“IT within itself should have self-healing platforms,” Stoddard said.

Government could incorporate automation into its risk management plans to stop attacks quicker and include security throughout all of its systems rather than as an afterthought.

“The days are gone of disaster recovery,” Stoddard said.

 

Recent