After 11 years, FedRAMP is now the law

Capitol with FedRAMP logo

It’s not entirely clear if simply codifying FedRAMP will have a noticeable impact on the program or the way it operates, but nothing in the law suggests any effort to strengthen federal cloud security requirements.

SolarWinds compromise focuses new attention on trust in vendor supply chain

Solarwinds

Software vendors, like other types of organizations, may in fact be worthy of customers’ trust, but it is at least a semantic mistake for any buyer to say they trust software.

Tax season means it’s time to watch out for W-2 scams

W-2 phishing

Perhaps harder to understand is why so many of these emails make it through to their recipients, whether or not the recipients actually fall for the scam.