In May, after many months of dedicated effort, our compliance team received word that a U.S. Federal Risk and Authorization Management Program (FedRAMP) moderate certification was granted for the AT&T Threat Detection and Response for Government solution. FedRAMP is a program coordinated by the US General Services Administration and the Department of Homeland Security (DHS) that inspects cloud-based solutions for compliance with 325 distinct security controls. AT&T Threat Detection and Response for Government is purpose-built in the AWS GovCloud (U.S.). and meets the FedRAMP requirements for cloud service providers operating at the Moderate Impact Level.
This was an important achievement as it allows our field sales teams to work better with government organizations, taking client conversations beyond a common issue: “Is your offer FedRAMP certified?” The ability to answer “yes” to the challenge means that the client does not have to research and produce the certification documentation themselves (an enormous task) to place TDR for Government into an approved production environment.
The inclusion of AT&T Threat Detection and Response on the Approved Products List (APL) maintained by DHS and GSA for Continuous Diagnostics and Mitigation (CDM) is further evidence of the solution’s ability to strengthen the cybersecurity posture of federal, state and local government networks and systems.
It is very satisfying to observe customers as they spin up an instance of our USM platform-based products for the first time. Within just a few minutes of the final configuration steps, the customer dashboard will start to come to life with counts of discovered devices, counts of events, and maybe even an alert that requires attention.
Our first AT&T Threat Detection and Response for Government customer was immediately relieved to learn that mandatory reporting of log management activities is automated for him with the solution. Rather than chasing down the details of log aggregation and log management for each distinct technology deployed in the environment, he can rely on the AT&T Threat Detection and Response for Government dashboards to provide him at-a-glance data. He can utilize our library of pre-prepared reports to fulfill monthly audit requirements for FISMA and NIST compliance. Relief from this mundane work is just one of the many benefits that he and the CISO quickly realized.
Also in May, President Biden issued an Executive Order encouraging all agencies of the Federal Government to improve the nation’s cybersecurity. Amongst the many elements of the Executive Order, agencies are required to increase their focus on a cloud strategy and framework that is to be FedRAMP certified.
AT&T Threat Detection and Response for Government and the AT&T Alien Labs Open Threat Exchange (OTX) threat intelligence data that supports it can simplify work for our customers. Coupling that with a Zero Trust Readiness Assessment delivered by the Infrastructure Practice of our Cybersecurity Consulting team, I am confident that we are well prepared to help the government segment reduce cybersecurity risks. I'm proud of the portfolio that we now have to meet the demands of this important sector.