This is the deck presented
Group Structure Updates
- Volunteer-based leadership structure has been established with a tentative 6-month rotation though a more formal voting/rotation mechanism is TBD.
- Julie Davila on knowledge management
- Chris Hughes on community evangelism
- Nathan Case on engagement work with government agencies and public speaking efforts
- Sara Mazer as chair
- The community meeting schedule has been set,
- bi-monthly group calls on Monday 12-1 PM EDT
- Leadership calls, bi-monthly Thursdays 8-9 AM EDT
- Calendar link
New Resources
- Primary community chat has been situated on Discord (the invite link is in the embedded PDF above)
- The website is now live on fedab.org, which is autogenerated from the content in Notion
- Itβs public read-only with fed-ab leadership having write access
Notable Conversation Points
- We will explore establishing a charity non-profit to make it easier to fund and solicit support from corporate sponsors.
- The are some genuine legal concerns concerning any critical content we produce that name and shame specific 3PAOs etc. Tim Anderson will help solicit proper legal advice from his network.
- Nathan Case is looking for potential speakers (on FedRAMP or otherwise) to present at a conference in Columbus, OH, centered around security and compliance with heavy attendance from financial and insurance institutions.
- Julie might be able to get Brian Conrad to join in on a group call
- We all seem to go to similar conferences, and we briefly touched on how we might be able to have an in-person group session. AWS Reinvent/enforce seems to be the most popular, but others could be possible.
- Mike Gavin noted that FedRAMP seems to be where PCI DSS was around 2010 in terms of growing pains and that perhaps we could borrow some lessons from that world.
- Everyone loathes HiTrust
Next Steps
- Rob Brown will start putting out feelers in his government network to try and get someone to speak to the group as a guest (possibly USCISβ CISO). Nathan Case will coordinate with Rob.
- Chris Hughes will set up a LinkedIn group for FAB (note: now live at https://www.linkedin.com/company/fedramp-advisory-board1/people/)
- Julie will compile a set of interview questions to then use for various personas (starting with CSPs but then for govvies and 3PAOs as well)
- Julie to create a draft of the top 5 pain points based on our very first call in order for the group to produce something. This will be our first public/promoted artifact
- Julie to help with some marketing collateral (eg QR code, etc)