August 21 @5:30 PM – Michael Carter on Understanding What’s What in FedRAMP

Please join us on August 21 @5:30 PM – Michael Carter on Understanding What’s What in the New FedRAMP World

Register: This is a Hybrid meeting. A dinner meal will be served (Meal menu TBD). IN PERSON & ONLINE ZOOM, Location: Marymount University Ballston Center 1000 N Glebe Rd, Arlington, VA 22201. Metro Station Accessible.

Abstract: FedRAMP is undergoing its most significant transformation yet with the rollout of FedRAMP 20x while still maintaining the FedRAMP Rev 5 Authorization Process. This session will unpack what these changes mean for cloud service providers, 3PAOS, federal agencies, and the broader compliance ecosystem. We’ll explore how FedRAMP 20x aims to streamline the authorization process through automation, reuse, and modernization of documentation and workflows. We’ll walk through how the process worked for one of the first pilots approved under the 20x program – InfusionPoints. We’ll also touch on where things stand with the previous FedRAMP approach, now called the Rev 5 Authorization path. Whether you’re planning for your first ATO, servings as an independent assessor, or reviewing a package from an agency perspective, this session will offer actionable insights and strategies to help you succeed in the new FedRAMP world.

About the Speaker: Michael Carter is a Managing Partner/Co-founder at Fortreum, LLC, the fastest growing FedRAMP Third Party Assessment Organization (3PAO). He is responsible for the company’s strategic vision and overall client delivery. He supports a wide variety of customers in both the public and private sectors. He employs a hands-on leadership style that has enabled his customers to achieve success on their compliance initiatives. This success includes entering new markets and expanding their existing footprints at Government Agencies.

Mr. Carter has over 20 years’ experience in information assurance, with a strong focus on cloud security compliance. He has led and managed large teams of security advisors and assessors of varying experience levels. Through these efforts, he has cultivated strong relationships with the largest cloud service providers, including but not limited to Amazon Web Services (AWS), Microsoft, IBM, Google, SAP, VMware, Palo Alto, and Salesforce.

Prior to joining Fortreum, LLC, Mr. Carter was the Vice President of FedRAMP Assurance at Veris Group and Coalfire Systems (Coalfire Systems, under the Carlyle Group portfolio, acquired Veris Group). At Coalfire Systems, he was responsible for establishing, managing, and running daily operations for the leading FedRAMP 3PAO practice. He served as the primary liaison to the FedRAMP Program Management Office (PMO) and supported the FedRAMP program since its inception in 2012. He successfully led the first Joint Authorization Board (JAB) 3PAO assessment and the first agency-sponsored 3PAO assessment. It is from these efforts that he was awarded a Federal Computer Weekly (FCW) Fed 100 award in 2016.

Mr. Carter holds a Bachelor of Business Administration degree from James Madison University with a focus in Computer Information Systems (CIS) and Operations Management. He maintains the following certifications: Project Management Professional (PMP), Certified Information Systems Security Professional (CISSP), CompTIA Advanced Security Practioner (CASP+), Certified Authorization Professional (CAP), AWS Certified Cloud Practitioner (CCP), Certificate of Cloud Security Knowledge (CCSK), and National Security Agency – INFOSEC Assessment Methodology (NSA-IAM).

For more information or to register: https://www.issa-nova.org/august-21-530-pm-michael-carter-on-understanding-whats-what-in-the-new-fedramp-world/