It’s not entirely clear if simply codifying FedRAMP will have a noticeable impact on the program or the way it operates, but nothing in the law suggests any effort to strengthen federal cloud security requirements.
Software vendors, like other types of organizations, may in fact be worthy of customers’ trust, but it is at least a semantic mistake for any buyer to say they trust software.
Perhaps harder to understand is why so many of these emails make it through to their recipients, whether or not the recipients actually fall for the scam.
CSO Online Headlines Dark Reading
SecurityArchitecture.com