Hello, Guest!

Digital Modernization

CISA Publishes Second Version of Cloud Security TRA

Secure cloud migration

CISA Publishes Second Version of Cloud Security TRA

The Cybersecurity and Infrastructure Security Agency has released the second version of guidance that helps agencies migrate their offerings to the cloud.

The second version of the Cloud Security Technical Reference Architecture provides a series of guidelines that would help government organizations use public cloud offerings more securely. The TRA also includes definitions and clarifications about shared services and cloud security posture management.

The guidance is designed to meet President Joe Biden’s cybersecurity executive order, CISA said Thursday.

One of the key points of the Biden cybersecurity EO is for the federal government to move to secure cloud services.

Eric Goldstein, executive assistant director for cybersecurity at CISA, said the agency and its partners will continue to provide timely guidance to help agencies with their modernization efforts. He also noted that all organizations are encouraged to use the Cloud Security TRA for their cloud migration and cloud use.

CISA worked with the U.S. Digital Service and the Federal Risk and Authorization Management Program to develop the guidance. The three agencies also partnered with the Office of Management and Budget when it adjudicated over 300 public comments received in September. The pieces of feedback gathered were used to strengthen the Cloud Security TRA and address several considerations for cloud migration.

The Cybersecurity and Infrastructure Agency is the Department of Homeland Security’s cybersecurity arm. It focuses on cyber risk, risk management and mitigation and digital and physical infrastructure security.

Potomac Officers Club Logo
Become a Potomac Officer Club Insider
Sign up for our weekly email & get exclusive event, and speaker updates, and find networking opportunities to connect with GovCon decision makers.