Ron Ross is evangelizing a new approach to secure IT that adopts an engineering approach to build trustworthy and resilient information systems. Ross is leading a team at the National Institute of Standards and Technology that’s creating new guidance titled Systems Security Engineering, Special Publication 800-160. The second draft of the guide should be published by early next year. “The best security programs are ones that are kind of indivisible because they disappear into the mainstream activities so you don’t run around looking for the security officer,” Ross says.”]
Source: https://www.govinfosecurity.com/video-ron-ross-promotes-new-infosec-approach-a-8690