Cofense PhishMe Achieves Significant FedRAMP Milestone
Pioneer of Phishing Awareness Training on Track to Meet Strenuous Security Standards of FedRAMP Moderate Designation
LEESBURG, Va. – Mar. 18, 2020 – Cofense®, the global leader in intelligent phishing defense solutions, today announced Cofense PhishMe®, its award-winning phishing security education training platform, has achieved the Federal Risk and Authorization Management Program (FedRAMP) In Process designation. Cofense, which has a well-established portfolio of federal customers spanning across multiple branches of the U.S. government, is working with its sponsor to be approved for an Authorization to Operate (ATO). Upon completing the process, Cofense PhishMe will be certified as FedRAMP Authorized Moderate, an important milestone meeting the security baselines for more than 300 controls, allowing federal agencies to securely and proactively defend against cyber security threats spread via email, the leading cause of data breaches.
FedRAMP, a government-wide initiative, promotes the adoption of secure cloud services by U.S. government agencies with a standardized approach to security and risk assessment, allowing the public sector to meet increasingly complex regulatory guidelines. A Moderate-Impact Authorization notably requires significantly stricter security controls compared to Low-Impact Authorization, including stringent operational requirements to protect personally identifiable information and the safeguarding of information related to phishing simulations and suspicious messages reported by employees.
“Every day, federal organizations battle malicious actors and foreign adversaries who seek to compromise their network through malware-laden phishing emails that target government employees,” said Keith Ibarguen, chief product officer, Cofense. “When it comes to handling the trusted data of our customers, we don’t take short cuts. We pride ourselves on being an innovating leader in phishing awareness training and education with our pioneering Cofense PhishMe solution, which is already hosted in AWS GovCloud. Today’s announcement underscores our commitment to providing best-in-breed phishing defense solutions to the U.S. federal government to help them defend against today’s most advanced attacks that email security controls miss every day.”
According to FedRAMP, Moderate-Impact Authorization “is most appropriate for Cloud Service Offerings where the loss of confidentiality, integrity, and availability would result in serious adverse effects on an agency’s operations, assets, or individuals […] including significant operational damage to agency assets, financial loss, or individual harm that is not loss of life or physical.”
Cofense PhishMe helps organizations transform their employees into the last line of active defense against phishing attacks through education, ongoing simulations, and an easy to use reporting tool so organizations can swiftly detect, respond to and thwart phishing attacks in their tracks.
In 2019, Cofense completed a Service Organization Controls (SOC) 2 Type II examination for Cofense PhishMe and Hosted Cofense Triage. In pursuit of this certification, organizations undergo a rigorous analysis that includes the following trust services criteria: security, availability, processing integrity, confidentiality and privacy. Once the FedRAMP Authorization is complete, Cofense will provide monthly continuous monitoring deliverables to agencies using the company’s solutions. These deliverables may include reports, system change information or requests, and more. An annual security assessment is also conducted to ensure the risk posture of the system remains acceptable.
Organizations interested in learning more about how Cofense and its phishing defense solutions, including Cofense PhishMe, can help secure federal networks, please visit: https://cofense.com/federal-government
Cofense is the leading provider of intelligent phishing defense solutions worldwide. Cofense delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. Our collective defense suite combines timely attack intelligence sourced from employees with best-in-class incident response technologies to stop attacks faster and stay ahead of breaches. Cofense customers include Global 1000 organizations in defense, energy, financial services, health care and manufacturing sectors that understand how changing user behavior will improve security, aid incident response and reduce the risk of compromise.
Cofense Media Contact