Donna Dodson, chief cybersecurity adviser, associate director for cybersecurity, IT Laboratory, National Institute of Standards and Technology (NIST)
When Donna Dodson first became interested in security, there weren't any cybersecurity courses to be found and the definitive book for security pros was Dorothy Denning's 1982 tome, Cryptography and Data Security.
Since then the topic has continued to grow as has the role of the National Institute of Standards and Technology (NIST) where Dodson is chief cybersecurity adviser and the IT Laboratory associate director for cybersecurity.
“It's a good day when you learn something new at work and every day I'm learning something new here,” she says of working at the NIST.
The organization of late has become the darling of cybersecurity – in large part because the NIST Cybersecurity Framework, while voluntary, is the de facto standard that organizations comply with to reduce cyber risk. The standards body has gained the reputation of working with different factions to come up with standards and best practices that are doable.
“I think we at NIST work very hard to have collaborative relationships with industry, other government agencies and academics,” Dodson says. “We listen, go back and process what we hear.”
The organization is also trusted by the cyber community. “Everything we do in cyber at NIST is open and transparent,” she says.
NIST has also moved toward developing standards and practices that “recognize technology is critical but has to be applicable to the business community.”
The pace of the industry keeps Dodson both busy and satisfied.
“Used to be: talk encryption and vulnerabilities on the bits and bytes level, she says. "But now we're bringing it into the business space. That's what we're doing differently today.”
“I'm fortunate to work with the whole cybersecurity program at NIST," she says, adding that she is most proud of her good team for taking the work seriously, and not themelves. "We work on projects in a collaborative manner," Dodson says.
She has watched the National Cybersecurity Center of Excellence grow from no staff (workers were originally borrowed from other entities) to a center with 15 federal employees and a research and development center with 50 employees, run by Mitre with 30 industry partners.
Among the great influences she cites are her first boss at NIST, who she says helped establish a cybersecuritiy foothold for her and pushed her well out of her comfort zone many times.
Dodson emphasizes that it takes diverse backgrounds to solve problems. “I would like to see more women in this space,” she says, musing that she has never has to stand in line for the ladies' room.
"Cyber affects us all and it's not going to be solved by one individual or organization," she says. – TR