Peters Bipartisan Bill to Ensure Federal Agencies Can Quickly and Securely Adopt Cloud Technology Advances in Senate

WASHINGTON, D.C. – Legislation authored by U.S. Senator Gary Peters (MI), Chairman of Homeland Security and Governmental Affairs, to update and authorize the Federal Risk and Authorization Management Program (FedRAMP) has advanced in the Senate. The bill would ensure federal agencies are able to quickly and securely adopt cloud-based technologies that improve government operations and efficiency. It will also make FedRAMP more accountable to the American people and create private sector jobs in companies that provide cloud services. The legislation was approved by the Senate Homeland Security and Governmental Affairs Committee, where Peters serves as Chair.

“Quickly adopting cloud-based systems will help federal agencies improve digital services for the American people and save taxpayer dollars. While using these technologies will bolster our nation’s competitiveness – we must also ensure they are safe from relentless cyber-attacks and that the sensitive information stored by cloud-based federal systems is secure,” said Senator Peters. “This important bipartisan bill will modernize and expedite the process by which agencies can receive approval to securely use cloud technologies, create good-paying jobs, and incentivize cloud companies to create more effective products.”

Cloud storage and other technologies are widely used by the federal government. FedRAMP has defined the responsibilities of federal agencies since 2011 to ensure cloud-based information technology is used appropriately. Updating and making this program permanent will ensure it is accountable to Congress and that cloud-based products procured by federal agencies are secure. Cloud storage and other technologies are widely used by the federal government. FedRAMP has defined the responsibilities of federal agencies since 2011 to ensure cloud-based information technology is used appropriately. Updating and authorizing this program will ensure it is accountable to Congress and that cloud-based products procured by federal agencies are secure. Under FedRAMP, there are currently are more than 200 Cloud Service Providers serving 183 federal agencies. Thirty percent of these providers are small businesses and investing in this technology will help these companies grow their business and hire new workers. As the COVID-19 pandemic continues pushing agencies to adopt these technologies so federal employees can effectively serve the American people while working remotely, Peters’ bipartisan legislation will help ensure that agencies' processes of moving safely to the cloud are streamlined and efficient. Peters’ legislation comes after an announcement from Microsoft, which provides cloud services to multiple federal agencies, that Russia-backed hackers have been relentlessly targeting cloud service companies and others since this summer.

The Federal Secure Cloud Improvement and Jobs Act updates and authorizes FedRAMP for five years to ensure that cloud-based information technology can be quickly adopted by the federal government while ensuring that it is secure. The bill modernizes the process by which cloud products are deemed safe and can receive FedRAMP authorization. The legislation also establishes metrics to ensure proper implementation of FedRAMP, and requires the creation of a Federal Secure Cloud Advisory Committee to improve communication between federal agencies who utilize cloud technologies and the companies that provide them.

As Chairman of the Homeland Security and Governmental Affairs Committee, Peters has led efforts to increase our nation’s cybersecurity defenses. His bill to enhance cybersecurity assistance to K-12 educational institutions across the country was signed into law. Peters secured several provisions in the bipartisan infrastructure law to bolster cybersecurity – including $100 million fund to help victims of a serious attack recover quickly. Peters’ bills to bolster federal cybersecurity and require critical infrastructure owners and operators to report to CISA if they experience a cyber-attack, and other organizations to notify the federal government if they make a ransom payment have advanced in the Senate.

###