CISA has released draft versions of two guidance documents—along with a request for comment (RFC)—that are a part of the recently launched Secure Cloud Business Applications (SCuBA) project:
- Secure Cloud Business Applications (SCuBA) Technical Reference Architecture (TRA)
- Extensible Visibility Reference Framework (eVRF) Program Guidebook
The public comment period for the RFC guidance documents closes on May 19, 2022.
In accordance with Executive Order 14028, which is aimed at improving security for federal government networks, CISA’s SCuBA project aims to develop consistent, effective, modern, and manageable security that will help secure agency information assets stored within cloud operations.
CISA encourages interested parties to review the SCuBA documents and provide comment.
See CISA Blog: SCuBA? It means better visibility, standards, and security practices for government cloud for more information and for links to the RFC guidance documents.