In this episode Jacob talks with Dr. Ron Ross from NIST! This is the 1st of a three-part series with Dr. Ross.

In the episode Dr. Ross shares the fascinating history of NISTs involvement in cyber security!

Here are some key topics we discussed:

• How he started at NIST and the projects he has worked on
• NIST's and the Joint Task Force's Mission
• How he convinced the DoD to transition from DIACAP to RMF
• The history of continuous monitoring program
• The origins of NIST 800-171
• Why NIST did not adopt ISO 27001
• The goal of NIST 800-160

Dr. Ross is the author of multiple publications including Risk Management Framework (RMF), NIST 800-53, NIST 800-171, and many more!

Dr. Ross leads the FISMA Implementation Project which includes the development of security standards and guidelines for the federal government, contractors, and the United States critical infrastructure.

He also leads the Joint Task Force, an interagency group that includes the DoD, U.S. Intelligence Community, and the Committee on National Security Systems, with responsibility for developing a unified information security framework for the federal government and its contractors.

Follow Ron on LinkedIn: https://www.linkedin.com/in/ronrossecure/

NIST CSRC Website: https://csrc.nist.gov/

-----------

Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform!

Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e10&utm_campaign=courses

Need a FedRAMP authorized Password Manager?

Start a free 14-day trial of Keeper: https://grcacademy.io/ref/keeper/b2b-trial/

See the CMMC controls that Keeper meets: https://grcacademy.io/ref/keeper/cmmc-controls-sheet/