Protecting Your Digital World
Engineering Trustworthy Secure Systems for the 21st Century
Protecting Your Digital World
Engineering Trustworthy Secure Systems for the 21st Century
The Mission
To provide trusted and reliable cybersecurity advisory services to government, industry, and the academic community. All organizations, from small start ups to Fortune 500 companies, deserve to have trustworthy, secure, and resilient systems to support their core missions and business operations.
Available Services
- Cybersecurity planning
- Boards of Directors and Advisory Boards
- Risk management frameworks
- Systems security engineering
- Security assessment planning
- Space systems security
- System ATO strategies and approaches
- Cyber resiliency planning
- CUI protection strategies
- International cybersecurity outreach
- Supply chain security
- Cybersecurity expert witness
- NIST cybersecurity publications
- Speaking engagements
Cybersecurity Expertise
Over 35 years of experience in cybersecurity, risk management, and systems security engineering with the Department of Defense, Intelligence Community, Department of Commerce, and Federally-Funded Research and Development Centers.
Customers and Sectors
Serving a variety of customers and sectors in the U.S. Critical Infrastructure including healthcare, financial services, critical manufacturing, energy, space, information technology, water systems, communications, and the defense industrial base.
International Cybersecurity Outreach
Extensive experience in cybersecurity outreach programs with foreign governments including Canada, United Kingdom, France, Netherlands, Germany, Korea, Japan, India, and Australia.
Publications Authored/Co-Authored by Ron Ross
NIST SP 800-53
Security and Privacy Controls for Information Systems and Organizations
Available free of charge on the NIST website
NIST SP 800-53A
Assessing Security and Privacy Controls in Information Systems and Organizations
Available free of charge on the NIST website
NIST SP 800-171
Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
Available free of charge on the NIST website
NIST SP 800-171A
Assessing Security Requirements for Controlled Unclassified Information
Available free of charge on the NIST website
NIST SP 800-172
Enhanced Security Requirements for Protecting Controlled Unclassified Information
Available free of charge on the NIST website
NIST SP 800-172A
Assessing Enhanced Security Requirements for Protecting Controlled Unclassified Information
Available free of charge on the NIST website
NIST SP 800-160, Volume 1
Engineering Trustworthy Secure Systems
Available free of charge on the NIST website
NIST SP 800-160, Volume 2
Developing Cyber Resilient Systems
Available free of charge on the NIST website
NIST SP 800-37
Risk Management Framework for Information Systems and Organizations
Available free of charge on the NIST website
NIST SP 800-39
Managing Information Security Risk: Organization, Mission, and System View
Available free of charge on the NIST website
NIST SP 800-30
Guide for Conducting Risk Assessments
Available free of charge on the NIST website
FIPS 199 and 200
Standards for Security Categorization of Federal Information and Information Systems
Available free of charge on the NIST website
https://doi.org/10.6028/NIST.FIPS.199
Minimum Security Requirements for Federal Information and Information Systems
Available free of charge on the NIST website
Upcoming Speaking Engagements
Mastering NIST SP 800-171 for CMMC — Part 3
Webinar Hosted by Preveil
April 23, 2026
Securing the Software Supply Chain to Support Mission — Part 3
Webinar Hosted by Chainguard
April 30, 2026
Cybersecurity Summit: Boston
Hosted by CyberRisk Alliance
May 6, 2026