DevSecOps , Endpoint Security , Governance & Risk Management

NIST's Ron Ross: 'The Adversary Lives in the Cracks'

SolarWinds Breach Calls Attention to Fundamental Need for Better DevSecOps
NIST's Ron Ross

In the wake of the SolarWinds breach, Ron Ross of the National Institute of Standards and Technology has turned his attention to systems security engineering – and the reality that the adversaries are exploiting it to their advantage better than the defenders are. This disparity, Ross says, has to change.

See Also: Digital Transformation: Better Ops, Agile Apps, Faster Business

In this video interview with Information Security Media Group, Ross discusses:

  • How the adversaries "live in the cracks";
  • The urgency to change defensive strategies and tactics;
  • How to approach systems security engineering going forward.

Ross specializes in information security, systems security engineering and risk management. He leads NIST's Federal Information Security Management Act Implementation Project, which includes the development of key security standards and guidelines for the federal government and critical information infrastructure. Ross also leads the Joint Task Force, an interagency partnership with the Department of Defense, Office of the Director National Intelligence, the U.S. Intelligence Community and the Committee on National Security Systems, with responsibility for developing the Unified Information Security Framework for the federal government and its contractors. In addition to his responsibilities at NIST, Ross supports the U.S. State Department in the international outreach program for information security and critical infrastructure protection.


About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.