Governments continue to embrace cloud to reduce the cost of shared services, create services faster, and serve and engage citizens in the digital age. Momentum from previous years’ data center consolidation effort and cloud-first policy, combined with the Modernizing Government Technology Act in the U.S, are propelling more agencies into the cloud. Yet they must ensure effective cybersecurity for all services in cloud environments and any services they consume from the cloud. In the U.S, this means ensuring certifications of cloud products and services with FedRAMP.