InSecurity Podcast: Ron Ross - Applying the NIST Framework to Home Networks

“If you do good software development, most of our security problems will go away because all of the nagging vulnerabilities that we see in software — a lot of those are attributed to people not using secure coding techniques and things we should be doing…”
~ Dr. Ron Ross

These days, things are changing at such a rapid pace, it’s hard to keep up with what used to work, what is working, and what we can count on working when we log in tomorrow.

It’s almost like we need to count on some kind of established framework to use as a guideline - and who better to discuss the future of remote work and IT security writ large than a NIST Fellow. While this episode touches on the impact of COVID-19 on the expanded workforce, it’s not just another chat about the same old thing.

This week on the InSecurity Podcast, Matt Stephenson welcomes cybersecurity sage Dr. Ron Ross to discuss the rapid transition of a large portion of the workforce from on-prem to remote work, as well as his recent shift from leading FISMA at NIST to their newly created DevSecOps initiative and why that movement matters now more than ever.

About Dr. Ron Ross

Dr. Ron Ross (@ronrossecure) is a Fellow at NIST. His focus areas include cybersecurity, systems security engineering, cyber resiliency, security architecture, privacy, and risk management.

Dr. Ross led the FISMA Implementation Project and the Systems Security Engineering Initiative, which includes the development of cybersecurity and privacy standards and guidelines for the federal government, contractors, and the U.S. critical infrastructure.

Dr. Ross also led the Joint Task Force, a partnership with the Department of Defense, Office of the Director of National Intelligence, U.S. Intelligence Community, and the Committee on National Security Systems, with responsibility for the development of the Unified Information Security Framework for the federal government and its contractors.

Dr. Ross previously served as the Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency, and also supported the U.S. State Department in the international outreach program for cybersecurity and critical infrastructure protection.

A graduate of the United States Military Academy at West Point, Dr. Ross served in many leadership and technical positions during his twenty-year career in the United States Army. He is a five-time recipient of the Federal 100 award for his leadership and technical contributions to critical cybersecurity projects affecting the federal government and is a recipient of the Presidential Rank Award. Dr. Ross has also received the Department of Commerce Gold and Silver Medal Awards and has been inducted into the National Cyber Security Hall of Fame.

In addition, Dr. Ross has been inducted into the Information Systems Security Association Hall of Fame and given its highest honor of Distinguished Fellow. During his military career, Dr. Ross served as a White House aide and a senior technical advisor to the Department of the Army.

He holds a bachelor’s degree in Engineering from the U.S. Military Academy and master’s and Ph.D. degrees in Computer Science from the Naval Postgraduate School specializing in artificial intelligence and robotics. 

About Matt Stephenson

InSecurity host Matt Stephenson (@packmatt73) leads the broadcast media team at BlackBerry, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity Podcast and video series at events around the globe.

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come before.