Telos, SteelCloud Join Forces to Support Client Compliance With NIST RMF

SteelCloud and Telos have entered into a partnership to provide a consolidated platform for organizations looking to comply with the National Institutes of Standards and Technology’s Risk Management Framework.

RMF is a seven-step process that adds security, privacy and cyber supply chain risk management elements to system development. The alliance aims to offer services for most stages of the framework, SteelCloud said Thursday.

SteelCloud will use its ConfigOS software to check if a given technical asset meets Security Technical Implementation Guides requirements while Telos’ Xacta offering is intended for the latter steps once authorization to operate is attained. According to Brian Hajost, chief operating officer of SteelCloud, ConfigOS’ automation capabilities incorporated into Xacta could cut down on waiting time for RMF approval.

NIST is also responsible for establishing an RMF for artificial intelligence to guide the development and usage of such technologies. In August 2022, it released a second draft of the framework to obtain public feedback.

Elham Tabassi, the agency’s IT laboratory chief of staff, said at a recent House hearing that the AI RMF would be published sometime in January 2023. She mentioned that the standards to be provided are nonbinding and are meant to serve as ethical considerations for companies developing such technologies.