January 2010 Meeting


Federal government key strategic information security initiatives update

The federal government continues its risk management transformation by deploying key security standards and guidelines supporting a unified information security framework.  This presentation will provide an update on key strategic information security initiatives underway within the federal government and the security standards and guidelines being developed by the Joint Task Force Transformation Initiative (an ongoing partnership among the Department of Defense, the Intelligence Community, NIST, and the Committee on National Security Systems).  Topics of discussion will include integration of information security and privacy requirements into enterprise architectures and system development life cycles, the emerging three-tiered risk management model that addresses risk from a strategic and tactical perspective, and incorporating systems and security engineering principles into organizational information systems.

Dr. Ron Ross, NIST

Dr. Ron Ross is a senior computer scientist and information security researcher at the National Institute of Standards and Technology (NIST).  His current areas of specialization include security requirements definition, testing and evaluation, risk management, and information assurance.  Dr. Ross leads the Federal Information Security Management Act (FISMA) Implementation Project for NIST, which includes the development of key security standards and guidelines for the federal government, support contractors, and the United States critical information infrastructure.  His recent publications include Federal Information Processing Standards (FIPS) Publication 199 (security categorization standard), FIPS Publication 200 (security requirements standard), NIST Special Publication 800-53 (security controls guideline), NIST Special Publication 800-53A (security assessment guideline), NIST Special Publication 800-37 (security certification and accreditation guideline), and NIST Special Publication 800-39 (risk management guideline).  Dr. Ross is also the principal architect of the NIST Risk Management Framework that provides a disciplined and structured methodology for integrating the suite of FISMA security standards and guidelines into a comprehensive enterprise-wide information security program.  In addition to his FISMA responsibilities, Dr. Ross leads the Joint Task Force Transformation Initiative Working Group, a joint partnership with NIST, the Department of Defense, and the Intelligence Community to develop a unified information security framework for the federal government and its support contractors.