Ron Ross is a Fellow at the National Institute of Standards and Technology. His focus areas include computer security, systems security engineering, and risk management. Dr. Ross leads the Federal Information Security Modernization Act (FISMA) Implementation Project and Systems Security Engineering Project, which includes the development of security and privacy standards and guidelines for the federal government, contractors, and United States critical infrastructure. He also leads the Joint Task Force, an interagency group that includes the Department of Defense, Office of the Director National Intelligence, U.S. Intelligence Community, and the Committee on National Security Systems, with responsibility for developing a Unified Information Security Framework for the federal government and its contractors. Dr. Ross previously served as the Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency. He also supports the U.S. State Department in the international outreach program for cybersecurity and critical infrastructure protection. During his military career, Dr. Ross served as a White House aide and senior technical advisor to the Department of the Army. Dr. Ross has lectured at many universities and colleges including Stanford University, Massachusetts Institute of Technology, Dartmouth College, Naval Postgraduate School, Ohio State University, Auburn University, and George Washington University.
Dr. Ross has authored or coauthored many publications on risk management, cybersecurity, systems security engineering, and cyber resiliency. His publications include Federal Information Processing Standards (FIPS) 199 (security categorization), FIPS 200 (security requirements), and NIST Special Publication (SP) 800-39 (risk management), SP 800-53 (security and privacy controls), SP 800-53A (security assessments), SP 800-37 (Risk Management Framework), SP 800-30 (risk assessments), SP 800-160, Volume 1 (systems security engineering), SP 800-160, Volume 2 (cyber resiliency), SP 800-171 (protection of Controlled Unclassified Information in nonfederal systems and organizations), and SP 800-171A (security assessments for nonfederal organizations).
Dr. Ross has received numerous public and private sector awards including the Presidential Rank Award, Samuel J. Heyman Service to America Medal for Homeland Security and Law Enforcement, Department of Defense Superior Service Medal, National Security Agency Scientific Achievement Award, Department of Commerce Gold and Silver Medal Awards, Applied Computer Security Associates Distinguished Practitioner Award, GCN Government Executive of the Year Award, Vanguard Chairman’s Award, Government Technology Research Alliance Award, InformationWeek’s Government CIO 50 Award, Billington Cybersecurity Leadership Award, ISACA National Capital Area Conyers Award, ISACA Joseph J. Wasserman Award, AFFIRM President’s Award, Symantec Cyber 7 Award, SC Magazine’s Cyber Security Luminaries Award, (ISC)2 Lynn F. McNulty Tribute Award, and 1105 Media Gov30 Award. He has also been recognized three-times as one of the Top 10 Influencers in Government IT Security and is a five-time recipient of the Federal 100 award for his leadership and technical contributions to cybersecurity projects affecting the federal government. Dr. Ross has been inducted into the National Cyber Security Hall of Fame, selected as an (ISC)2 Fellow, and inducted into the Information Systems Security Association Hall of Fame receiving its highest honor of Distinguished Fellow.
Dr. Ross holds a Bachelor of Science degree in Engineering from the United States Military Academy at West Point. He is a graduate of the Defense Systems Management College and holds both Masters and Ph.D. degrees in Computer Science from the United States Naval Postgraduate School specializing in artificial intelligence and robotics.