As a top target for cyber criminals, government must remain vigilant in protecting citizen’s most sensitive data. Cloud security is a critical factor, as government has continued to move toward cloud-first services. In April 2020, a steering committee of government CIOs, CISOs, and Procurement and Privacy officers joined industry leaders from cloud providers and cyber security assessing organizations to charter StateRAMP to bring together States to create a common method to verify cloud security. Designed as a Public/Private Partnership, StateRAMP was organized under the Indiana Nonprofit Corporations Act as a domestic nonprofit organization. StateRAMP strives to provide an efficient and cost-effective solution for verifying cloud service providers’ cyber security profile on behalf of state and local government. Like FedRAMP, StateRAMP aims to simplify security by providing states and local government a standardized approach for protecting their data in the cloud, with a security framework built on the National Institute of Standards & Technology (NIST) Special Publication 800-53 rev. 4. StateRAMP helps States reduce cyber risks from unsecure cloud solutions, and benefits cloud service providers (CSPs) by creating a “verify once, use many” approach to cloud security and risk assessment. StateRAMP’s purpose is (1) help states and local government protect citizen data; (2) save taxpayer and CSP dollars with a "verify once, serve many” model; (3)to lessen the burdens of Government; and (4) promote education and best practices in cybersecurity among those it serves in industry and the government communities. StateRAMP is governed by a board of directors with a majority representation from state and local government officials. In early 2021, StateRAMP will begin piloting the program with States and CSPs. Learn more at www.stateramp.org or email info@stateramp.org.