Computer Scientist, NIST Fellow
National Institute of Standards and Technology
Computer Security Division
Phone: (301) 975-5390
Mobile: (301) 651-5083
Biography (Updated: Nov. 2016)
- Project Leader, FISMA Implementation Project
- Project Leader, Joint Task Force Transformation Initiative
- FISMA Standards and Guidelines
- Enterprise Risk Management
- Risk Management Framework
- Software Assurance
- Security Architecture and Engineering
- NIST Special Publication 800-160 (IPD), Systems Security Engineering: An Integrated Approach to Building Trustworthy Resilient Systems, May 2014.
- Federal Information Processing Standards Publication 199, Standards for Security Categorization of Federal Information and Information Systems, February 2004.
- Federal Information Processing Standards Publication 200, Minimum Security Requirements for Federal Information and Information Systems, March 2006.
- NIST Special Publication 800-30, Revision 1, Guide for Conducting Risk Assessments, September 2012.
- NIST Special Publication 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach, February 2010.
- NIST Special Publication 800-39, Managing Information Security Risk: Organization, Mission, and Information System View, March 2011.
- NIST Special Publication 800-53, Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, April 2013.
- NIST Special Publication 800-53A, Revision 4, Guide for Assessing the Security Controls in Federal Information Systems and Organizations: Building Effective Security Assessment Plans, June 2010.