New Report Finds Cybersecurity Threats to National Security Result from Outdated Approach to Securing Software

Cybersecurity analyst Dawn Blizard visited with subject matter experts from Rise8 and the Department of Defense to outline U.S. government agencies’ transition from ATO to cATO


TAMPA BAY, Fla. and WASHINGTON, Aug. 30, 2023 (GLOBE NEWSWIRE) -- Rise8, an elite software firm for critical missions, today released a first of its kind analyst report titled, “ATO To cATO: What’s Changing For Government Agencies?”. The report highlights the challenges with the DOD's approach to software development and outlines a path forward to achieve unified compliance and continuous adherence to the Risk Management Framework (RMF). The report also outlines how to enable federal agencies that are navigating the transition from Authority to Operate (ATO) to Continuous Authority to Operate (cATO).

Today, some of the largest threats to national security result from delays in the government’s traditional approach to securing ATO for software. In the absence of appropriate infrastructure, the DOD acknowledges adherence to the RMF is difficult to achieve. Danny Holtzman, Authorizing Official (AO), DOD Chief Digital & Artificial Intelligence Office (CDAO), Office of the Secretary of Defense, provided an interview in support of the report.

“Continuous authorizations are harder because you have to have an ecosystem and a support structure that allows you to see in real-time, understand the system, and get insight into changes — and that ecosystem doesn’t exist inside the DOD,” said Danny Holtzman. “The move to cATO is more about updating the culture and mindset around compliance as a continuous activity and not a box you can check.”

Report author and long-time cybersecurity analyst Dawn Blizzard interviewed Holtzman, Rise8 Founder and CEO Bryan Kroger, and several other subject matter experts. Blizzard is an analyst who earned her PhD from Brown University.

“What we learned in our exploration is that there’s no reason why today’s technology capabilities can’t offer government agencies a web-based, digital compliance platform that supports the entire RMF and manages all of the data contained inside it,” said Blizzard in one of her takeaways in the report. “While we’re not there yet, the development of these platforms should be considered paramount as they can act as a single source of truth, supporting everything from system categorization and control all the way through implementation, assessment, and monitoring with report generation.”

Founder and CEO of Rise8, Bryon Kroger, is credited as the originator of the cATO concept. He spent seven years as a targeteer using terrible software, which led him to becoming one of three co-founders of Kessel Run where he served as COO for two years. He launched Rise8 in 2019 to help change agents overcome bureaucracy and transform the way they build and deploy software to create national security outcomes in production.

Kroger explained, “Critical software for military operations in particular is not being deployed fast enough, and we commissioned this report to help close the knowledge gap and accelerate the shift to cATO. We’ve had all the tools we needed to do cATO from the beginning, but it was expensive, time consuming, and not very efficient. Today, when it’s more important than ever to comply with policy and align with the Risk Management Framework, we finally have the technology to document and trace these activities with technology that is truly continuous.”

Interested parties can access the free “ATO To cATO: What’s Changing For Government Agencies?” report here: https://www.rise8.us/cato-report.

Rise8 is actively incubating its own software solution to address the challenges this report explores. Reach out to be among an exclusive group to learn about the new solution Rise8 is developing – the first-ever component monitoring system through an easy-to-use dashboard that ensures continuous compliance, and accelerates software development. For more information, contact: tracer-team@rise8.us.

About Rise8
Rise8 is an elite software development firm for critical missions. We are revolutionizing the way federal agencies and companies develop complex software to continuously deliver a future where fewer bad things happen because of bad software. Learn more at: https://rise8.us/.

Media Contact
Kelly Hall
Offleash PR for Rise8
rise8@offleashpr.com