Aquia Inc. Awarded Subcontract from Noblis on Centers for Medicare and Medicaid Services (CMS) SaaS Governance Initiative
Aquia Inc., a Service-Disabled Veteran-Owned Small Business specializing in cloud and cybersecurity professional services, announced that it has been awarded a subcontract from Noblis to support its four-year contract with the Centers for Medicare and Medicaid Services for the Office of Information Technology Program Project Management Support. Under the contract, Noblis will provide program and contract oversight as well as technical and programmatic support.
As a subcontractor, Aquia will work alongside Noblis to help create CMS’s first-ever software-as-a-service (SaaS) governance program and assess third-party SaaS applications’ security risks using a federated review process.
Recommended AI: Microsoft 365 Security Features Protect Business Data from Evolving Threats
“By leveraging our innovative industry-leading Software Bill of Materials ingestion Application Programming Interface, we can continuously monitor relevant components of CMS’ evolving third-party SaaS applications,” said Chris Hughes, chief information security officer and co-founder at Aquia Inc. “We can also evaluate the applications against CMS’s risk tolerance and bolster the agency’s software supply chain security efforts to align with the Cybersecurity Executive Order.”
Under this agreement, Noblis and Aquia will:
- Automate the ability to inventory and track SaaS application usage across the CMS enterprise, and support the effort to obtain a comprehensive SaaS inventory and expose unknown SaaS usage.
- Develop and implement policies and procedures that establish a framework for business owners to request SaaS services for use and for the Office of Information Technology (OIT) to evaluate them. Aquia and Noblis will also help business owners within CMS and the OIT partner to evaluate the risks posed by new SaaS consumption.
- Identify and manage mechanisms to continuously monitor the SaaS applications in the environment and ensure compliance with agency and government guidelines. In addition, the company will work to help prevent misconfigurations or vulnerabilities that could place data and systems at risk.
Recommended AI: Consider Your DOOH Buying Methods Wisely: Direct Sales vs. Programmatic Buying
This award builds on Aquia’s cybersecurity and application security support for CMS through its Noblis subcontract announced in December 2021.
CMS is the largest agency in the federal government by expenditure and is responsible for the personally identifiable and personal health information of more than 177 million people in the United States.
Recommended AI: Understanding the Role of AI in Gaming
[To share your insights with us, please write to sghosh@martechseries.com]
Comments are closed.