ENGINEERING
NIST Fellow Ron Ross Honored With Inaugural McNulty Information Security Leadership Award
National Institute for Standards a Technology (NIST) Fellow Ron Ross has been awarded the inaugural Lynn F. McNulty Tribute U.S. Government Information Security Leadership Award. The (ISC)2 U.S. Government Advisory Board for Cyber Security (GABCS) announced the award on Oct. 29, 2013, in recognition of Ross’s “key role in establishing cybersecurity requirements for federal agencies for decades.”
Ross leads the Federal Information Security Management Act (FISMA) implementation project and is the principal architect of the NIST Risk Management Framework. A former director of the National Information Assurance Partnership, Ross also currently leads the interagency program synchronizing U.S. government cybersecurity standards and guidelines.
The award was established last year after the death of (ISC)2 Fellow and IT security evangelist Lynn F. McNulty, CISSP. McNulty was considered by those in the community as the "pioneer" of government information security. The Tribute Award recognizes a member of the U.S. federal information security community who upholds McNulty's legacy as a visionary and innovator through outstanding service and commitment.
Ross worked with McNulty during the 1990s when McNulty was NIST’s Associate Director of Computer Security.
"Ron's insight and leadership in producing a library of guidance publications over the past decade has greatly contributed to the advancement of information security in government and around the world," said Peter Gouldmann, CISSP, director of information risk programs, Office of Information Assurance, U.S. Department of State, and member, (ISC)2 GABCS. “His highly collaborative approach, incorporating government and industry, has resulted in products that are being adopted and adapted for use on national security systems, transcending the unclassified and classified systems landscape.”
(ISC)2 is a not-for-profit information security professional body specializing in information security education and certifications, including the Certified Information Systems Security Professional (CISSP).