Member Spotlights

Meet the Experts Shaping Secure Cloud Innovation

CBORD: Leading the Way in Secure Solutions with StateRAMP Authorization

Linkedin Twitter Youtube

Why did your organization become a StateRAMP member? 

We obtained StateRAMP Authorized status in August 2024. It was a long journey over the past year, but we finally completed what we set out to ultimately accomplish. At CBORD, ensuring that our solutions are secure, reliable, and compliant is our top priority. Becoming a StateRAMP member was a natural step for us to demonstrate our commitment to meeting the rigorous cybersecurity requirements needed to serve state and local governments. With StateRAMP authorization, not only do we strengthen our credibility, but we also ensure that our cloud services are in line with the highest security standards. This alignment allows us to better support our partners in the public sector, making it a win-win for everyone involved. 

What advice do you have for other providers progressing through the StateRAMP process? 

For those navigating the StateRAMP journey, we’ve learned a few things along the way that might be helpful. First, it’s crucial to fully understand the requirements upfront. Familiarizing yourself with StateRAMP’s security controls and guidelines is essential to ensuring compliance. We also found that engaging early with a Third-Party Assessment Organization (3PAO) can make a significant difference, as they can help identify any gaps early in the process. Training your team is another key aspect—ensuring everyone is well-versed in cybersecurity best practices will pay off. And don’t underestimate the importance of thorough documentation. Keeping detailed records of your security policies, procedures, and controls can make the assessment process much smoother. Lastly, be patient and persistent. Achieving StateRAMP authorization is rigorous, but it is definitely worth it. 

How do you stay up to date with the evolving cybersecurity landscape? 

At CBORD, keeping up with the fast-paced world of cybersecurity is crucial. We take a multi-faceted approach to staying informed. Our cybersecurity team regularly participates in training sessions and earns certifications to keep their skills sharp and up-to-date. We also collaborate with industry experts and organizations to gain insights into emerging threats and the best ways to counter them. Utilizing advanced threat intelligence tools helps us monitor new vulnerabilities and respond to them in real-time. Additionally, we stay active in cybersecurity communities and forums, where we can share knowledge and stay informed about the latest developments. 

How has StateRAMP benefited your organization so far? 

Being a StateRAMP member has brought several key benefits to CBORD. Firstly, the rigorous requirements have significantly strengthened our cybersecurity framework, which means we’re better equipped to protect our clients’ data. This has also opened new market opportunities, especially for state and local government agencies that are looking for compliant cloud service providers. Our clients feel more confident in our services, knowing that we meet such high standards, which in turn has helped to build stronger relationships and trust. Additionally, being StateRAMP authorized gives us a competitive edge, setting us apart as a leader in secure cloud solutions for the public sector. 

Please share any specific lessons learned from your StateRAMP journey. 

Our journey with StateRAMP has taught us a lot, and there are a few key lessons that stand out. First, starting the compliance process early is crucial. It gives you the time you need to address any challenges and ensures a smooth certification process. We also found that collaboration across departments—like IT, legal, and operations—was vital to covering all aspects of security comprehensively. Another big takeaway was the importance of detailed documentation. Keeping everything organized and thorough made the assessment process much easier and provided a clear path to maintaining compliance. We also learned that compliance isn’t a one-time effort. It’s something that requires continuous monitoring and improvement. Finally, having open and transparent communication with our assessment partners was essential to making the process more efficient and effective. 

What cybersecurity-related events, conferences, or webinars do you recommend for industry professionals? 

There are several events and platforms we’ve found valuable for staying informed and connected in the cybersecurity field. The CrowdStrike Conference is one of the largest and most comprehensive, offering a wealth of knowledge and networking opportunities. Black Hat is another excellent option, known for its cutting-edge technical training and briefings on the latest threats and solutions. The SANS Institute also offers a wide range of webinars and courses focused on different aspects of cybersecurity. If you’re looking to deepen your understanding of compliance, StateRAMP workshops and seminars are incredibly useful. The Cybersecurity and Infrastructure Security Agency (CISA) webinars provide valuable information on current threats and protective measures. And don’t forget about local and regional cybersecurity meetups—these can be great for fostering collaboration and knowledge sharing. 

How can other members or organizations collaborate with your company on cybersecurity projects? 

We believe that collaboration is key to advancing cybersecurity initiatives, and we’re always open to working with other members and organizations. There are several ways we can collaborate, whether it’s through joint research and development to create innovative security solutions, sharing threat intelligence and best practices to strengthen our collective defenses, or partnering on training and workshops to boost cybersecurity awareness. We’re also interested in joint ventures on compliance projects and participating in cybersecurity working groups to address common challenges and drive industry advancements. If you’re interested in collaborating with us, feel free to reach out to our cybersecurity team—we’d love to explore potential partnership opportunities with you. 

Is there anything else you would like to share with the StateRAMP community or the broader cybersecurity community? 

We want to extend our gratitude to the StateRAMP community for creating a robust framework that elevates cybersecurity standards across the public sector. At CBORD, we’re proud to be part of this initiative, and we remain committed to fostering a secure digital environment for our clients and partners. We encourage all organizations to prioritize cybersecurity, embrace collaborative efforts, and continuously strive for excellence in protecting sensitive data and critical infrastructure. Together, we can build a resilient and secure future. 

 

About CBORD

CBORD is the world’s leading provider of integrated technology solutions powering foodservice, nutrition, commerce, and card systems for higher education, acute healthcare, senior living, and business campuses.