Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University
Menu
Home Digital Library Ron Ross (NIST) | SEI Digital Library

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Ron Ross (NIST)

Author

Ron Ross (NIST)

NIST
Dr. Ron Ross is a senior computer scientist and Fellow at the National Institute of Standards and Technology (NIST). His current areas of specialization include information security, testing and evaluation, and risk management. Dr. Ross leads the Federal Information Security Management Act (FISMA) Implementation Project, which includes the development of security standards and guidelines for the federal government, contractors, and the United States critical information infrastructure. Dr. Ross is the principal architect of the Risk Management Framework that provides a disciplined and structured methodology for integrating the suite of FISMA security standards and guidelines into a comprehensive, enterprise-wide information security program. In addition to his responsibilities at NIST, Dr. Ross supports the U.S. State Department in the international outreach program for information security and critical infrastructure protection. Dr. Ross previously served as the Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency. A graduate of the United States Military Academy at West Point, Dr. Ross served in a variety of leadership and technical positions during his twenty-year career in the United States Army. Dr. Ross is a graduate of the Defense Systems Management College and holds both Masters and Ph.D. degrees in Computer Science from the United States Naval Postgraduate School.

April 2012 - Podcast NIST Catalog of Security and Privacy Controls, Including Insider Threat

Authors: Ron Ross (NIST), Joji Montelibano, Julia H. Allen

In this podcast, participants discuss why security controls, including those for insider threat, are necessary to protect information and information systems.

March 2011 - Podcast Integrated, Enterprise-Wide Risk Management: NIST 800-39 and CERT-RMM

Topics: Cyber Risk and Resilience Management

Authors: Ron Ross (NIST), James J. Cebula, Julia H. Allen

In this podcast, participants explain why and how business leaders must address risk at the enterprise, business process, and system levels.