Ron Ross

NIST exploring possible DevSecOps framework for agencies

by • 2 years ago

The National Institute of Standards and Technology is currently gathering information on products developed using the organizational philosophy to eventually issue guidance normalizing the process.

NIST’s Ron Ross argues for sharing threat intelligence

by • 4 years ago

Today's growing infrastructure means that adversaries have an "unlimited opportunity to do damage," Ross says, recommending agencies do more to share threat intelligence.

NIST issues draft guidance for securing legacy IT systems, more

by • 4 years ago

Ron Ross, NIST fellow and one of the agency’s cybersecurity experts, spoke with CyberScoop about the needed update.

NIST drops ‘federal’ from cyber controls guidance

by • 5 years ago

The move to remove the word “federal” from the title of its magisterial catalogue of cybersecurity and privacy controls is one of a series of proposed changes.

So, you’ve assumed compromise. Now what?

by • 6 years ago

The once-radical notion that cyber defenders should assume hackers are already in their network is now conventional wisdom. But the implications of it are still taking hold, experts and officials said Thursday.

New approach needed to IT, says NIST’s top cyber scientist

by • 6 years ago

No amount of security software, firewalls or anomaly detection systems can protect an IT infrastructure that's fundamentally insecure and to deal with the looming cybersecurity crisis, a new approach to computer architecture is required, the National Institute of Standards and Technology's top computer security scientist told the president's commission on long-term cybersecurity.