U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Multi-Cloud Security Public Working Group MCSPWG



Credits: Annie Sokol


IT Specialist



Ms. Annie Sokol is an IT Specialist in the Information Technology Laboratory's Computer Security Division at the National Institute of Standards and Technology (NIST).  Annie represents NIST in several subcommittees of the International Standards Organization, and she is the editor and co-editor of several ISO/IEC standards.  As a member of the NIST Cloud Computing Program, she chaired NIST Cloud Computing Interoperability and Portability Working Group and NIST Cloud Computing Standards Roadmap Working Group where she co-authored NIST SP 500-291, NIST Cloud Computing Standards Roadmap.   

Before joining NIST, Annie had a successful career in business administration in the private industries for over twenty years.  She received a Master of Science in Information and Telecommunication Systems (MS ITS) and a Master of Business Administration (MBA) from Johns Hopkins University.

Photo Brian Ruf

Credits: Brian Ruf


Director of Cybersecurity

Easy Dynamics

Mr. Brian Ruf contributed substantially to NIST’s planning and creation of OSCAL, ensuring its ability to expedite FedRAMP and FISMA workflows. Brian began his 30-year IT career as a programmer and network engineer for the FAA. In the late 90’s he was part of a core team applying cyber security to a (then) next generation air traffic control system. Since 2000, he has led efforts for government agencies, pharmaceutical companies, telecommunication providers, and financial institutions on topics involving risk management, cyber security , system development lifecycle methodologies, and business process re-engineering.

Brian joined the FedRAMP PMO in July 2015, where he was instrumental in the success of FedRAMP Accelerated and related improvements. Brian is now leads Easy Dynamic’s OSCAL-enabled compliance automation efforts.

Nida Davis

Credits: Nida Davis


Security Architecture Director


Dr. Davis serves as the Security Architecture Director with Microsoft and is currently leading the Microsoft Digital Security & Resilience (DSR) function which is dedicated to ensuring the security and resilience of every aspect of the Microsoft business. The mission of the DSR function is to support Microsoft build and delivering the most trusted devices and services while keeping Microsoft safe and protected. DSR is responsible for Microsoft company-wide information security and compliance, with a strategic focus on information protection, assessment, awareness, governance, and enterprise business continuity. As customer zero, DSR will deploy and secure digital services inside Microsoft and share best practices with enterprise customers at scale across the globe. As the Director of Security Architecture, Nida leads a highly-performing team of Microsoft PMs and Security Architects entrusted with all aspects of security architecture design, execution, and partner engagement.

Previously Nida served as an Associate Director in the Federal Reserve’s Division of Supervision and Regulation (S&R), and was responsible for providing oversight and guidance on business operational resiliency, information technology, cybersecurity, data protection, and emerging technologies. Nida oversaw and led S&R’s efforts on cybersecurity and develop strategies to ensure that operational resiliency and information technology policies improve the safety and soundness of regulated entities in the financial sector. Nida has experience in participating in national and international standards and cybersecurity best practices setting groups that deal with operational resiliency and cyber security. These include the Financial Stability Board’s cyber-lexicon workgroup and the Basel Committee on Banking and Supervision’s operational resiliency working group, for both of which she has led key cybersecurity and operational resilience work streams. In addition, Nida has experience serving on several U.S. Treasury-led national groups, as well as on the G7 Cyber-Experts Group. Nida has received her Doctor of Liberal Studies from Georgetown University. She holds a Master of Business Administration (MBA) from the American University in Cairo, a Master of Arts in Leadership from Bellevue University, a graduate degree from the ABA Stonier Graduate School of Banking, as well as a Bachelor of Science in Chemical engineering from Jordan University. Lastly, Nida was recognized as an award recipient of the prestigious Computer World Premier Top One Hundred IT Leaders for the year 2006.


Credits: Ned Goren


IT Specialist





Ned Goren is a security researcher and a member of the RMF (FISMA) Team at NIST. He is also the Computer Security Division security officer. Prior to joining NIST, he served as a control assessor and as an Information Systems Security Officer (ISSO) at the U.S. Census Bureau. 


Created October 12, 2021, Updated August 02, 2022