Ron Ross is a Fellow at the National Institute of Standards and Technology (NIST). His current focus areas include information security and risk management. Dr. Ross leads the Federal Information Security Management Act (FISMA) Implementation Project, which includes the development of security standards and guidelines for the federal government, contractors, and the United States critical information infrastructure. His recent publications include Federal Information Processing Standards (FIPS) Publication 199 (security categorization standard), FIPS Publication 200 (security requirements standard), NIST Special Publication (SP) 800-39 (risk management guideline), SP 800-53 (security and privacy controls guideline), SP 800-53A (security assessment guideline), SP 800-37 (security authorization guideline), SP 800-30 (risk assessment guideline), SP 800-160 (systems security engineering guideline), and SP 800-171 (security requirements for contractors and nonfederal organizations). Dr. Ross is the principal architect of the Risk Management Framework (RMF), a multi-tiered approach that provides a disciplined and structured methodology for integrating the suite of FISMA-related standards and guidelines into a comprehensive enterprise-wide security program. Dr. Ross also leads the Joint Task Force, an interagency partnership with the Department of Defense, the Office of the Director National Intelligence, the U.S. Intelligence Community, and the Committee on National Security Systems that developed the Unified Information Security Framework for the federal government and its contractors.
Dr. Ross previously served as the Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency. In addition to his responsibilities at NIST, Dr. Ross supports the U.S. State Department in the international outreach program for information security and critical infrastructure protection. He has also lectured at many universities and colleges across the country including the Massachusetts Institute of Technology, Dartmouth College, Stanford University, and the Naval Postgraduate School. A graduate of the United States Military Academy at West Point, Dr. Ross served in many leadership and technical positions during his twenty-year career in the United States Army. While assigned to the National Security Agency, Dr. Ross received the Scientific Achievement Award for his work on an inter-agency national security project and was awarded the Defense Superior Service Medal upon his departure from the agency. Dr. Ross is a three-time recipient of the Federal 100 award for his leadership and technical contributions to critical information security projects affecting the federal government and is a recipient of the Department of Commerce Gold and Silver Medal Awards. Dr. Ross has been inducted into the Information Systems Security Association (ISSA) Hall of Fame and given its highest honor of ISSA Distinguished Fellow. He has received several private sector information security awards including the Applied Computer Security Associates Distinguished Practitioner Award, Vanguard Chairman’s Award, Symantec Cyber 7 Award, InformationWeek’s Government CIO 50 Award, Best of GTRA Award, Billington Cybersecurity Leadership Award, ISACA National Capital Area Conyers Award, SC Magazine’s Cyber Security Luminaries, (ISC)2 Inaugural Lynn F. McNulty Tribute Award, 1105 Media Gov30 Award, and the Top 10 Influencers in Government IT Security. During his military career, Dr. Ross served as a White House aide and senior technical advisor to the Department of the Army. Dr. Ross is a graduate of the Defense Systems Management College and holds Masters and Ph.D. degrees in Computer Science from the U.S. Naval Postgraduate School specializing in artificial intelligence and robotics.