The most sensitive information in the nation is stored within the systems of the U.S. government — from social security numbers, to top secret clearances, to private inter-agency communications. From the Office of Personnel Management (OPM) breach in 2015 to the Democratic National Committee (DNC) breach in 2016, we, as a nation have seen first hand the damage of a hacked U.S. agency. This type of risk exposure has made the U.S. prioritize cybersecurity.
Recently, President Trump signed an Executive Order putting in motion his plans to protect the U.S. government from hackers. In the order he has mandated that all agencies must adhere to the National Institute of Standards and Technology cybersecurity framework. To get an inside look at what this framework looks like, I had the privilege to sit down with Dr. Ron Ross.
Dr. Ross is a fellow at the National Institute of Standards and Technology (NIST) and specializes in information security, risk management, and systems security engineering. He leads the Federal Information Security Management Act Implementation Project, which includes the development of security standards and guidelines for the federal government, contractors, and the United States critical information infrastructure. He has also been inducted into the National Cyber Security Hall of Fame, and is a recipient of the Samuel J. Heyman Service to America Medal for Homeland Security and Law Enforcement.
I invite you to listen to the podcast interview to better understand NIST’s cybersecurity framework and be proactive about risk management.