My Own FedRAMP Journey

September 13, 2024

As the leader of Optiv + ClearShark’s FedRAMP Advisory Service, I want to share my own FedRAMP journey that led me to putting in the sweat and tears to develop and bring to market a new advisory service. The simplest answer to the why I did this is because this is the exact service I wish I had when I was asked to manage a regulated cloud program within a software company.

I say “regulated cloud” because my first experience in this in this area was Department of Defense Impact Level 5, which frankly makes FedRAMP look easy in comparison. I was fortunate to come to that position with over 20 years of experience developing highly regulated products in the Air Force, including software. As you might imagine, compliance to not only the function requirements, but to a wide variety for federal acquisitions and standards was the core workload of most of my adult life. When I jumped into IL 5 and later FedRAMP, it was much the same… compliance is a core part of the development process.

When I retired from the Air Force, I made a commitment to myself to help get innovative companies into the federal market. I was tired of having only a handful of companies win every deal, and at the same time see this rapid growth of innovation outside of my guarded walls in the commercial space.

After many years of working for one company or another, I’m now at a place where I can help more than one company at a time. I have spent nearly thirty years developing systems, and I want to pass on what I have learned over the years, so people don’t make the same mistakes I have, or those mistakes I’ve seen others make.

There is no doubt that FedRAMP is hard. Only about 250 companies have made it successfully through the program, and I’m not sure if anyone has kept count of the companies that have quietly given up on FedRAMP after trying. However, achieving FedRAMP is possible, and the importance of FedRAMP is only growing. Having a plethora of options to choose from is the basis of a robust federal cloud services marketplace. It is what drives down costs and improves the ability of our federal agencies to deliver services to the citizens.

In the designing of this service, Optiv + ClearShark is doing something different than what I’ve seen in other FedRAMP advisory services. FedRAMP is often called a journey, and we are striving to deliver the right advisory services when the client needs it the most on their own journey. The goal here is to upskill the client’s own ability to successfully run their FedRAMP program.

Secondly, I like to say that FedRAMP is not a go-to-market strategy. I want Optiv + ClearShark clients to succeed at their federal go-to-market, so we help ensure that the they understand the nuances related to selling FedRAMP services to the government.

I am excited about this service, and I look forward to engaging with many companies and helping them on their own FedRAMP journey.

Follow Optiv
LinkedIn: www.linkedin.com/company/clearshark
Facebook: www.facebook.com/optivinc
YouTube: www.youtube.com/c/OptivInc
Blog: www.optiv.com/explore-optiv-insights/blog