Protecting Your Digital World
Engineering Trustworthy Secure Systems for the 21st Century
Protecting Your Digital World
Engineering Trustworthy Secure Systems for the 21st Century
The Mission
To provide trusted and reliable cybersecurity advisory services to government, industry, and the academic community. All organizations, from small start ups to Fortune 500 companies, deserve to have trustworthy, secure, and resilient systems to support their core missions and business operations.
Advisory Services
- Strategic cybersecurity and risk management planning
- Corporate Boards of Directors and Advisory Boards
- Cybersecurity and risk management framework use
- Security testing, evaluation, and assessment planning
- System authorization to operate (ATO) strategies and approaches
- Systems security engineering concepts, principles, and practices
- Cyber resiliency objectives, techniques and approaches
- Supply chain security and risk management
- NIST cybersecurity publications
- Speaking engagements (onsite/virtual)
Cybersecurity Expertise
Over 35 years of experience in cybersecurity, risk management, and systems security engineering with the Department of Defense, Intelligence Community, Department of Commerce, and Federally-Funded Research and Development Centers.
Customers and Sectors
Serving a variety of customers and sectors in the U.S. Critical Infrastructure including healthcare, financial services, critical manufacturing, energy, space, information technology, water systems, communications, and the defense industrial base.
Publications Authored/Co-Authored by Ron Ross
NIST SP 800-53
Security and Privacy Controls for Information Systems and Organizations
Available free of charge on the NIST website
NIST SP 800-53A
Assessing Security and Privacy Controls in Information Systems and Organizations
Available free of charge on the NIST website
NIST SP 800-171
Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
Available free of charge on the NIST website
NIST SP 800-171A
Assessing Security Requirements for Controlled Unclassified Information
Available free of charge on the NIST website
NIST SP 800-172
Enhanced Security Requirements for Protecting Controlled Unclassified Information
Available free of charge on the NIST website
NIST SP 800-172A
Assessing Enhanced Security Requirements for Protecting Controlled Unclassified Information
Available free of charge on the NIST website
NIST SP 800-160, Volume 1
Engineering Trustworthy Secure Systems
Available free of charge on the NIST website
NIST SP 800-160, Volume 2
Developing Cyber Resilient Systems
Available free of charge on the NIST website
NIST SP 800-37
Risk Management Framework for Information Systems and Organizations
Available free of charge on the NIST website
NIST SP 800-39
Managing Information Security Risk: Organization, Mission, and System View
Available free of charge on the NIST website
NIST SP 800-30
Guide for Conducting Risk Assessments
Available free of charge on the NIST website
FIPS 199 and FIPS 200
Standards for Security Categorization of Federal Information and Information Systems
Available free of charge on the NIST website
https://doi.org/10.6028/NIST.FIPS.199
Minimum Security Requirements for Federal Information and Information Systems
Available free of charge on the NIST website
Speaking Opportunities
On Site and Virtual Events
Government
Cybersecurity education and awareness events for Federal, State, and Local governments
Industry
Cybersecurity conferences; cybersecurity education and awareness events for small, medium, and large companies
Academia
Cybersecurity education and awareness events for colleges and universities; commencement addresses
To schedule an event, contact me at ron@ronrossecure.com. Speaking fees will be determined for each event.
Upcoming Speaking Engagements
Conferences
Current List of Speaking Engagements for Ron Ross
Dartmouth College
Rubrik Forward
Presentations will be available on this website after the event.