Air Force’s New Fast-Track Process Can Grant Cybersecurity Authorizations In One Week

From: Nextgov

By Aaron Boyd, Senior Editor, Nextgov

The process is a mix of quick but comprehensive testing up front followed by continuous monitoring through the life of the app.


Rather than go through each security control individually, the fast-track process allows project owners to run a penetration test—in which cybersecurity experts attempt to break the system—to establish a security baseline, then incorporate continuous monitoring of those systems into the future to ensure it remains secure.

“It comes down to the premise that RMF is a compliance issue. It doesn’t mean you’re secure, it means you’re compliant,” Konieczny said. “We’re saying, basically, if you want to do a fast ATO, you need to think about looking at some of the controls that you’re going to monitor, doing a pen test and doing continuous monitoring after that. … The pen test will actually answer some of those controls [questions] right away. And it’s a better case because it’s not just compliance anymore, it’s how you operationally put the information out there.”

Read Complete Article

Leave a Reply

Please Answer: *