Why did your organization become a StateRAMP member?
RapidDeploy takes cybersecurity and our clients’ safety very seriously. We decided to join StateRAMP to ensure our security practices are at the highest level. StateRAMP membership not only helps mitigate risks associated with providing cloud services to government entities but also ensures compliance with rigorous standards, which enhances our overall defense against evolving cyber threats. By adopting these best practices, we safeguard sensitive information and protect against breaches, ultimately ensuring uninterrupted emergency response operations. The more we can do to lower our risk profile, the more trustworthy and credible we become as an organization. Our StateRAMP membership demonstrates our commitment to being a proactive partner in public safety.
What advice do you have for other providers progressing through the StateRAMP process?
The StateRAMP process is an excellent opportunity to reassess your security practices and identify any gaps you may not have noticed before. While it might feel overwhelming at first to gather and provide evidence for over 300 controls, remember that consistency is crucial. Take a systematic approach, working steadily through each requirement, and don’t forget to celebrate your progress and achievements along the way. Staying organized and persistent will make the journey more manageable and rewarding.
How do you stay up to date with the evolving cybersecurity landscape?
To stay up to date with the evolving cybersecurity landscape, we actively engage with cybersecurity communities, such as r/cybersecurity and r/netsec on Reddit, which provide insights into the latest threats and research. We also monitor updates and regulatory changes from government agencies like CJISSECPOL and NIST, as well as global standards such as ISO 27001. Additionally, we keep a close eye on threat intelligence and vulnerability databases, including the CVE (Common Vulnerabilities and Exposures) and the NVD (National Vulnerability Database), to remain informed of emerging vulnerabilities. Keeping up with the constantly changing cybersecurity landscape is a significant challenge but staying proactive and adaptable is crucial to effectively managing potential threats.
How has StateRAMP benefited your organization so far?
StateRAMP has greatly benefitted our organization by strengthening our commitment to cybersecurity, which plays a vital role in ensuring public safety. Our clients feel safer and more confident knowing that we are working toward a more comprehensive and robust security framework, protecting the critical information that underpins emergency response operations. The process has also helped us identify and close gaps in our existing security measures, addressing inefficiencies and reinforcing our overall resilience against cyber threats. This not only enhances our ability to protect sensitive data but also ensures that emergency communications remain reliable and secure, supporting the essential work of first responders and public safety professionals.
Please share any specific lessons learned from your StateRAMP journey.
Slow and steady wins the race—and in the StateRAMP world, that means methodically tackling security controls—and even better if you don’t lose your mind! Kidding aside, one of our biggest lessons learned is the importance of patience and persistence: progress might feel slow, but every step counts. We also discovered that celebrating even the smallest victories, like finally checking off a particularly tricky requirement, makes the journey a lot more enjoyable. In short, embrace the process and keep pushing forward with a smile… even if it’s a slightly exasperated one!
What cybersecurity-related events, conferences, or webinars do you recommend for industry professionals?
We recommend industry professionals check out events like BSides, DEF CON, and OWASP conferences, which provide invaluable insights into the latest cybersecurity trends and challenges. Additionally, webinars and virtual events hosted by organizations like ISACA are excellent resources for staying informed and sharpening your cybersecurity skills.
How can other members or organizations collaborate with your company on cybersecurity projects?
RapidDeploy welcomes collaboration from other members or organizations and encourages them to reach out to explore potential synergies. By connecting, we can identify common goals and projects where we can work together to enhance cybersecurity and drive meaningful results.
About RapidDeploy
RapidDeploy is the leading cloud-native platform for public safety, delivering next generation solutions and intelligent mission critical data to 911 agencies. Our platform suite ensures emergency response teams are equipped with the most accurate and up-to-date information, enabling faster and more effective responses.