Jon Boyens
Acting Deputy Chief of the Computer Security Division, Department of Commerce’s National Institute of Standards and Technology (NIST)
Jon Boyens is the (Acting) Deputy Chief of the Computer Security Division, within the Department of Commerce’s National Institute of Standards and Technology (NIST). He leads NIST’s Cyber Supply Chain Risk Management (C-SCRM) Program and co-leads the federal interagency working group for Cyber SCRM. Boyens helps develop and coordinate the Department’s cybersecurity policy among the Department’s bureaus and represents the Department in the Administration’s interagency cybersecurity policy process. Boyens has worked on various White House-led initiatives, including those on trusted identities, botnets, the Cybersecurity Framework and Roadmap, telecommunications supply chain and, more recently, the Federal Acquisition Supply Chain Council.
Since 2010, Boyens has conducted research to identify, evaluate and develop technologies, tools, techniques, practices, and standards needed to enable organizations to manage supply chain risk. Building on this research, he led a team to develop and issue a set of foundational, standardized, repeatable, and feasible practices to help organizations manage cyber supply chain risks to their organizations and systems. These practices were released in 2015 as NIST Special Publication 800-161, Supply Chain Risk Management Practices for Federal Information Systems and Organizations. Continuing on this line, Boyens is currently managing and conducting research focused on industry best practices for Cyber SCRM, supplier interdependency and impact analysis, predictive risk analytics, and cyber and supply chain metrics.