Cybersecurity advisor and consultant with 20+ years of experience, specializing in strategic implementation and enterprise-wide cyber resilience, business continuity and long-term risk reduction to critical IT infrastructure.

Career Highlights:
• DHS/CISA Cyber Security Advisor for New England (2017-2022)
• DHS/CISA Program Manager on the White House's Comprehensive National Cybersecurity Initiative on Supply Chain Risk Management
• Rapid7 ISO 27001:2013 Certification (2023)
• Rapid7 SOC 2 Type II Compliance (2022 & 2023)
• Presidential Policy Directive 41 on U.S. Cyber Incident Coordination (2016)
• U.S. National Cyber Incident Response Plan (2017)
• DHS Cyber Strategy (2015)
• DHS/CISA Cross-Divisional Implementation Plan (2016)

In tune with:
• U.S. National Cybersecurity Strategy (2023 & 2018)
• NIST Cybersecurity Framework 2.0
• NIST SP 800-53 v5 and 53B
• NIST SP 800-37 Rev 2 - Risk Management Framework for Information Systems and Organizations
• Executive Order 13800 on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure
• Executive Order 13636 on Improving Critical Infrastructure Cybersecurity
• The President's Executive Order (EO) 14028 on Improving the Nation's Cybersecurity

Experienced in public and private sector engagements, keynote speeches, risk evaluation to IT security systems, overhauling information security programs from policy management, compliance, risk evaluation, customer contract reviews, third party vendor assessments, intelligence, information sharing, auditing, incident response planning, strategy, and mentorship.
Trained in:
• Carnegie Mellon/SEI CERT Resilience Management Model
• Capability Maturity Model Integration
• Cybersecurity Awareness Training
• DHS/CISA Cyber Resilience Review Assessment
• DHS/CISA External Dependencies Management Assessment
• DHS/CISA Cyber Infrastructure Survey
• DHS/CISA Cybersecurity Evaluation Tool

Specialties: Information Security Policy Management, Governance, Compliance, Cyber Maturity Assessments, IT Auditing, Partnership Engagement, SLTT Collaboration, Critical Infrastructure Resilience, Supply Chain Security

Tools: Armis, Asana, Sharepoint, Auditboard, Cyberscope, Ombud, Miro, Microsoft 365, Okta, Origami Risk, Phalanx ERM
-
Business Continuity Senior Analyst
MBTA
Beverly, MA, US
-
Senior GRC Risk Specialist
Mrcc
Jan 2024 - Present
Boston, Massachusetts, United States
• Leads the implementation of the MBTA’s enterprise risk management platform, updating the risk repository and piloting assessments to remediate findings.
• Assists technology leaders in understanding risk-based security controls for new technology deployments.
• Oversees all vendor risk management activities, ensuring comprehensive assessment and mitigation of third party risk.
-
Cyber Security Consultant
Evee Consulting Group, LLC
Sep 2023 - Feb 2024
Boston, MA
• Collaborated with CyberTrust Massachusetts to deliver strategic insights to state leadership regarding municipal cyber resiliency, threats, and necessary security enhancements.
• Established CyberTrust’s risk management program by devising strategic plans and programmatic elements to effectively address statewide cybersecurity risks, align with regulatory mandates, and foster ongoing resilience.
• Oversaw interview-based cyber risk assessments on municipal infrastructure to comprehensively understand, manage, and mitigate cyber threats across the Commonwealth of Massachusetts.
• Conducted evaluations of third-party solution providers for their security compliance features, integration capabilities, scalability, and specific security attributes to enhance municipal cyber resiliency.
• Provided mentorship to cybersecurity-focused interns from Bridgewater State University.
-
Manager For Governance, Risk, & Compliance
Rapid7
Feb 2022 - Jul 2023
Boston, Massachusetts, United States
• Spearheaded Rapid7's Governance, Risk, and Compliance (GRC) program, driving strategic planning, policy management, regulatory compliance, and awareness training initiatives.
• Successfully managed SOC 2 attestation and led Rapid7 to achieve its first ISO 27001 certification for the Information Security Management System and critical infrastructure.
• Directed the remediation of key findings from annual tabletop exercises, significantly boosting business continuity and resilience across enterprise services.
• Revamped the security awareness training program in partnership with HR, leading a seamless migration to a new learning management system.
• Orchestrated the comprehensive update of 30+ enterprise-wide information security policies and standards, ensuring robust compliance and risk management.
• Led security assessments for mergers, acquisitions, and third-party vendors, strengthening overall security posture.
• Facilitated high-level security policy and risk discussions with corporate executives, shaping strategic decisions.
• Oversaw complex customer contract reviews and due diligence processes, working closely with commercial legal counsel to mitigate risks.
-
Chief Of Cybersecurity, Region 1 - New England
Cybersecurity And Infrastructure Security Agency
Oct 2014 - Feb 2022
Greater Boston Area
• Led the relaunch of CISA's Cybersecurity Engagement Program in New England, focusing on improving risk management and information sharing across sectors.
• Managed and mentored four Cybersecurity Advisors to build and manage relationships with customers in New England.
• Assisted organizations in customizing security strategies and enhancing incident response plans.
-
Adjunct Professor
Boston College - Woods College Of Advancing Studies
Feb 2019 - Dec 2021
Chestnut Hill, MA
Adjunct Professor in the Cybersecurity Policy & Governance Graduate Program at the Woods College of Advanced Studies.
-
Adjunct Professor
Endicott College
Aug 2018 - Aug 2021
Beverly, Massachusetts
Adjunct Cybersecurity Professor at Endicott College's Van Loan School in the Homeland Security Studies Program.
-
Associate
Booz Allen Hamilton
Aug 2011 - Oct 2014
McLean, VA
• While supporting CISA as a consultant, served as the metrics lead to develop performance measures for using the NIST Cybersecurity Framework developed by the National Institute of Standards and Technology by critical infrastructure stakeholders.
• Developed programmatic and operational performance measures to demonstrate progress to Executive Order 13636 performance goals that were presented to the DHS Deputy Undersecretary for the National Protection and Programs Directorate.
• Developed a white paper on linking the EO 13636 Goals with National-Level Outcome Statements for critical infrastructure, and developed critical infrastructure case studies and decision trees that informed CS&C senior leadership on the adoption of the Cybersecurity Framework.
• Incorporated cybersecurity best practice recommendations into the National Infrastructure Protection Plan (NIPP) through collaboration with DHS Infrastructure Protection (IP) Integrated Task Force (ITF).
-
Senior Cybersecurity Analyst
Cybersecurity And Infrastructure Security Agency
Aug 2008 - Aug 2011
• Performed cyber risk assessments with public and private critical sectors and SLTT partners to evaluate an organization's operational resilience and cybersecurity practices.
• Evaluated implementation and management of cybersecurity capabilities with the focus on operational resilience towards achieving business objectives.
• Primary focus on service continuity, disaster recovery, asset designation and prioritization, training, situational awareness, vulnerability and incident management.
• Served as Deputy Program Manager for the DHS Cyber Supply Chain Risk Management (SCRM) Program under the Comprehensive National Cybersecurity Initiative (CNCI 11).
• Primary representative on multiple inter-agency working groups focusing on policy development, best practices, and continued integration of security, assurance, and resilience into global supply chains.
-
IA Manager, Vendor Product Evaluation
DISA
Sep 2002 - Aug 2008
• Served as Information Assurance Lab Manager for vendor product testing at the Joint Interoperability Test Command Indian Head facility.
• Managed and delegated responsibilities for third party vendor product testing within a hardened environment.
• Oversaw succession of Code Analysis Vulnerability Assessments (CAVA) for software integrity of third party products.
• Performed network and system administration for DOD Common Operating Environment (COE) for the Test Execution Division.
Ron Ford Education Details
-
Cybersecurity And Policy Management -
Electrical Engineering -
Strayer University-Maryland
Computer Networking
Frequently Asked Questions about Ron Ford
What company does Ron Ford work for?
Ron Ford works for MBTA.
What is Ron Ford's role at the current company?
Ron Ford's current role is Business Continuity Senior Analyst.
What schools did Ron Ford attend?
Ron Ford attended University Of Maryland Global Campus, Howard University, Strayer University-Maryland.
Who are Ron Ford's colleagues?
Ron Ford's colleagues are Jacklyn Thibodeau, Matthew Frazier, John Michaud, Olnique Mathurin, William Jones, Bill Macarthur, Thea Wright.