Trusted CI Webinar: The Operational Technology Procurement Vendor Matrix, Monday March 31st @10am Central

Trusted CI's Mark Krenz is presenting the talk, The Trusted CI Operational Technology Procurement Vendor Matrix, on Monday March 31st at 10am, Central time.

Please register here.

Operational Technology (OT), when installed on an organization's network, becomes part of the overall cyber attack surface for an organization. When procuring this OT, it is important for the purchasing organization to understand how it will integrate with the existing network and security controls as well as understand what new risks it might introduce. The Trusted CI Operational Technology Procurement Vendor Matrix (the Matrix) provides a prioritized list of questions for organizations to send to manufacturers and suppliers to try to get as much of this information as possible.

In this webinar, we will walk through what security issues impact OT, the role of procurement in mitigating security risks, our reasoning and process for developing the Matrix, and a walk through on how to use the Matrix at your organization. Questions and shared experiences with OT are encouraged.

TARGET AUDIENCE:
Organizational leadership, procurement department, IT, cybersecurity

The Matrix can be found at https://trustedci.org/ot-matrix

Speaker Bio: 

Chief Security Analyst Mark Krenz is focused on cybersecurity operations, research, and education. He has more than two decades of experience in system, network administration, programming, and system security and has spent the last decade focused on cybersecurity. He also serves as the CISO of Trusted CI.

---

Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Trusted CI 2024 Summit Report Now Available

Last October, Trusted CI convened the 2024 NSF Cybersecurity Summit. This yearly event provides a forum for National Science Foundation (NSF) scientists, researchers, cybersecurity, and cyberinfrastructure (CI) professionals and stakeholders to share effective technical practices and brainstorm solutions to everyday challenges facing cybersecurity environment professionals. When the community comes together for the Summit, they collectively learn from each other.

The 2024 Summit was held in person in Pittsburgh, PA, at Carnegie Mellon University. Over 250 individuals attended, including representatives of 44 NSF projects. Lorrie Faith Cranor, the Director and Bosch Distinguished Professor in Security and Privacy Technologies at the Cylab Security and Privacy Institute, delivered the keynote lecture and gave suggestions on how to develop the best cybersecurity practices for users.

During the four days of the Summit, attendees could choose from various workshops, training sessions, and seminars. These included topics such as:

• How to adopt the Trusted CI Framework
• How to apply Generative AI for cybersecurity defense
• How to manage cybersecurity and ransomware risks

Interested in reading more takeaways from this year's Summit? Download the full Summit Report from https://zenodo.org/records/14866819 and read more about lessons learned from the NSF’s top cybersecurity experts.

Trusted CI and the Research Infrastructure Security Community Respond to NSF’s Draft Research Infrastructure Guide

 

Trusted CI, in collaboration with the Research Infrastructure Security Community (RISC), submitted comments to the U.S. National Science Foundation (NSF) regarding Section 5.3 of NSF’s 2025 draft Research Infrastructure Guide (RIG). These comments offer the community’s perspective on the NSF’s proposed new guidance for Major Facilities and Mid-Scales on building their cybersecurity programs.

RISC is a community of practice built by Trusted CI for NSF-funded cybersecurity professionals. RISC is composed of graduates from the Trusted CI Framework Cohort Program, who continue to gather as a community to expand their cybersecurity knowledge, share experiences, and build relationships.

For more information, please contact us at info@trustedci.org.

Trusted CI Webinar: Trusted Volunteer Edge-Cloud Computing for Scientific Workflows, Monday February 24th @10am Central

Mizzou's Prasad Calyam is presenting the talk, Trusted Volunteer Edge-Cloud Computing for Scientific Workflows, on Monday February 24th at 10am, Central time.

Please register here.

The unprecedented growth in networked edge devices (e.g., scientific instruments, sensors) has caused a data deluge in scientific application communities. The data processing is increasingly relying on distributed computing to cope with the heterogeneity, scale, and velocity of the data. At the same time, there is an abundance of low-cost computation resources that can be used for “volunteer edge-cloud computing” (VEC), where collaborators in a community (e.g., bioinformatics, manufacturing) contribute their resources to form a distributed infrastructure to execute scientific workflows. In this talk, a VEC management reference architecture and a related framework implementation will be presented for support of trusted resource allocation in VEC environments for scientific data-intensive workflows. We demonstrate how our novel scheduling approach optimizes task allocation on VEC nodes by balancing workflow requirements and resource preferences, improving latency, task completion times, and resource utilization efficiency. Lastly, we outline our recent efforts to ensure privacy-preservation of the scientific workflow execution in VEC environments by adopting principles from the confidential computing paradigm.

Speaker Bio: 

Prasad Calyam is a Curators’ Distinguished Professor and the Greg L. Gilliom Professor of Cybersecurity in the Department of Electrical Engineering and Computer Science at University of Missouri-Columbia, and Director of the Center for Cyber Education, Research and Infrastructure (Mizzou CERI). His research and development areas of interest include: Cloud Computing, Machine Learning, Artificial Intelligence, Cyber Security, and Advanced Cyberinfrastructure. He has published over 235 peer-reviewed papers in various conference and journal venues. As the Principal Investigator, he has successfully led teams of graduate, undergraduate and postdoctoral fellows in Federal, State, University and Industry sponsored R&D projects sponsored by National Science Foundation, Department of Energy, National Security Agency and others. His basic research and software on multi-domain network measurement and monitoring has been commercialized as ‘Narada Metrics’.

---

Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Trusted CI: Relaunching and Expanding the Student Program

As cybersecurity continues to grow in importance across the scientific community, the need to cultivate the next generation of cybersecurity leaders is more critical than ever. Trusted CI is proud to announce the relaunch and expansion of its Student Program, designed to provide students with very useful insights, mentorship, and hands-on experiences in cybersecurity while fostering a cybersecurity workforce for all. Applications for the 2025 cohort open on February 3, 2025.

Why the Student Program Matters

For over a decade, Trusted CI has significantly impacted the NSF community by equipping researchers and institutions with comprehensive cybersecurity knowledge and resources. Our analysis revealed opportunities to extend this impact by engaging students from a wider range of academic fields, such as those in the NSF Education and Human Resources (EHR) and Biological Sciences (BIO) Directorates, as well as reaching out to new institutions not currently engaged in cybersecurity programs. The Student Program aims to ensure that perspectives from across all disciplines and institutions contribute to shaping the future of cybersecurity.

Alumni Insights: Mentorship and Impactful Experiences in Cybersecurity

On the Mentor Program

Sandra Darkson - University of New Haven, MS in Cybersecurity and Networks
“My mentor (Carolyn Ellis) is really one of a kind; she is among those few individuals who sees the potential in me and, at the same time, believes so much in me that this belief drives me to work harder, and strive for excellence. I am so fortunate enough to have her as my guide and mentor on my path.”

On the Poster Session

Nana Sarfo Dwomoh - Sam Houston State University, MS Information Assurance & Cybersecurity
“The 2024 NSF Cybersecurity Summit was a big, unforgettable platform for me as a Cybercorp  Scholar, where I presented my poster, "Defending Electoral Integrity in the Age of Cyber Warfare,"  which gave me the chance to share my research on how digital disinformation, botnets, and deepfakes are impacting elections.”

On Networking

Konstantin Metz - University of Central Florida, MS Cybersecurity and Privacy
“The event is unlike any other in the industry! It brings together industry professionals, faculty, and students from across the globe to learn, network, and collaborate on current and emerging cybersecurity issues. It gives students an unparalleled opportunity to learn and grow while showcasing some of their own work. I am honored to have been selected to present and cannot wait for next year!”

Abigail Whittle - Oregon State University, BS in Computer Science
“I had the opportunity to meet some incredibly interesting individuals. Overall, I would highly recommend this experience to other students in the future, as it was beneficial both professionally and educationally, and I took away a lot from it.”

On Capture the Flag

Dignora Castillo-Soto - Bay Path University, MS in Cyber Security
“The CTF session provided a hands-on experience that challenged my problem-solving skills. It was refreshing to participate in a group project, as collaboration helped me gain new insights that I wouldn’t have achieved working solo.”

On Summit Courses

Owen Seltzer - Northeastern University, MS Cybersecurity
“The talks and panel discussions were not only engaging but also thought-provoking, covering topics ranging from emerging threats to innovative protection strategies. As someone still exploring career paths in cybersecurity, I found the presentations particularly enlightening.”

Goals of the Program

The Trusted CI Student Program is committed to:

• Providing Foundational Knowledge: Selected students will gain practical insights into cybersecurity through workshops, mentorship, and participation in the annual NSF Cybersecurity Summit.
• Fostering Community: By actively recruiting students from a wide range of backgrounds, the program aims to create a supportive environment that values a variety of perspectives.
• Empowering Advocacy: Students will serve as cybersecurity ambassadors in their communities, equipping their peers with knowledge and connecting them with Trusted CI for more complex challenges.
• Building Long-Term Connections: Participants will join a growing network of Trusted CI alumni, opening doors to mentorship, networking, and career opportunities in the cybersecurity field.

What’s New in the Trusted CI Student Program for 2025?

The Trusted CI Student Program continues to evolve, and we are excited to share the enhancements coming in 2025! Designed to nurture the next generation of cybersecurity researchers, this program has been refined based on past participant feedback and our commitment to providing a more impactful experience. These changes reflect our goal to improve the program from what it has been and make it more valuable for the entire Trusted CI community, not just prospective students.

Larger Cohorts Over Time
While the program currently welcomes five students annually, our goal is to expand participation to 15 students in future cycles as resources allow. This growth ensures more students benefit from Trusted CI’s expertise.

Alumni Engagement
We recognize the value of long-term connections, which is why past participants will now retain access to valuable program resources and opportunities to attend the Trusted CI Summit. This fosters an ongoing learning community and professional network.

Focused Workshops and Mentorship
Students will gain deeper insights through tailored workshops and dedicated one-on-one mentorship sessions. These sessions will be led by Trusted CI staff and esteemed industry experts, ensuring a well-rounded educational experience.

Streamlined Application Process
To provide a holistic evaluation of applicants, the revised application process will require a personal statement, a professional biosketch, and letters of support. This approach ensures we select students who are not only qualified but also deeply passionate about cybersecurity.

These enhancements are part of our commitment to continually improving the program, ensuring that both new and returning members of the Trusted CI community benefit from its evolution. We look forward to welcoming the 2025 cohort and continuing to build a thriving community of cybersecurity professionals!

What Students Can Expect

The Trusted CI Student Program will run from May to November 2025, featuring webinars and workshops twice a month to foster growth and prepare students for careers in cybersecurity.

From their first day in the program, Students will:

• Attend workshops on cybersecurity fundamentals, career development, and emerging trends.

• Network with top professionals and researchers at the NSF Cybersecurity Summit, an annual conference dedicated to advancing cybersecurity in research and education. This event provides a unique opportunity to learn from experts, engage in discussions on emerging cybersecurity challenges, and build valuable connections within the field.

• Work closely with mentors who will guide their growth and help them navigate the cybersecurity landscape.

• Share their experiences through blog posts, presentations, and outreach activities, inspiring others to explore careers in cybersecurity.

Join a Community of Innovators: Apply for the Trusted CI Student Program

The Trusted CI Student  Program is not just about equipping students with technical skills; it’s about creating a community that values collaboration, and innovation. If you are a student passionate about cybersecurity or know someone who is, we encourage you to apply and join us in shaping a safer, more secure future for science and beyond.

Applications for the 2025 cohort open on February 3, 2025. For more information on how to apply, visit Trusted CI’s website or reach out to students@trustedci.org. Let’s build a stronger cybersecurity community together!

From Silos to Community: The Rapid Rise of RRCoP to Support Regulated Research

The research landscape is evolving rapidly and adding complexity with new cybersecurity compliance requirements. Researchers and research support departments now face a growing list of cybersecurity and compliance tasks that extend beyond individual projects, elevating these obligations to the institutional level. Built on principles of openness and collaboration, research institutions must navigate requests for compliance attestations on data handling, processing, sharing, and storage—areas often outside researchers’ expertise. Without robust training programs or a stable regulatory landscape, individuals are frequently left scrambling for current information. Individuals often also lack local colleagues to consult, making them feel isolated and uncertain. This fragmented approach, seen across individuals, departments, institutions, and the national level, inspired the formal creation of the Regulated Research Community of Practice (RRCoP) in 2021 after individuals led a series of workshops focusing on commonalities of challenges facing institutions supporting regulated research.

RRCoP brings together a rapidly growing network of professionals addressing the unique challenges of cybersecurity and compliance in academic research. Led by Trusted CI Co-PI Carolyn Ellis, Director of Research Cybersecurity and Compliance at Arizona State University, RRCoP fosters connections and builds expertise across institutions. Ellis co-founded the community while managing Purdue University’s research Controlled Unclassified Information (CUI) program, where she experienced firsthand the tensions between implementing complex compliance programs and maintaining the openness of academic research. “Today, RRCoP is more than a collection of resources or formal training,” Ellis explains. “We’ve built a community where professionals can learn from one another, collaborate, and tackle big challenges. This community is redefining how institutions support research subject to regulations.”

A map of the Regulated Research Community of Practice’s member locations. (Credit: Carolyn Ellis).

RRCoP informally began as a Slack channel in 2018 when Ellis, searching for ongoing conversations beyond conferences, came up empty. RRCoP has grown into a dynamic, fast-expanding network connecting over 1,100 members from 330 institutions, ranging from R1 universities to community colleges and international partners. Daily Slack interactions foster collaboration and act as early warning systems as members share insights from diverse information venues. This connectivity bridges many communities that contribute to the regulated research landscape.

RRCoP has also developed a wealth of resources, including a recorded monthly webinar series held on the second Wednesday of each month, co-located training seminars at conferences, mentoring opportunities, and an annual hands-on workshop designed to address the most pressing challenges in regulated research. In 2022, RRCoP facilitated a full-day workshop at the EDUCAUSE Cybersecurity Privacy Professionals Conference, where attendees collaboratively wrote responses to 43 controls in a System Security Plan. The 2023 workshop brought higher education professionals together with certified assessors for a cost-effective day of dialogue. All RRCoP resources are offered at no cost to the community and are accessible on their comprehensive website at regulatedresearch.org. Most recently, two leaders of the RRCoP community, Ellis and Erik Deumens, have collaborated on an article about the pressing need for compliance requirements in research in Communications of the ACM. Review the highlights of RRCoP’s 2024.  

Trusted CI has expanded its mission to support regulated research by building on the expertise and resources developed by RRCoP. Trusted CI is able to sustain the valuable services RRCoP offers; Trusted CI’s team members will provide additional expertise, access to its extensive community, and established processes. Moving forward, RRCoP aims to use this collective voice to elevate the unique challenges faced by higher education to decision-makers. Additionally, extending Trusted CI’s established resources into the higher education community, which is supported by RRCoP, will strengthen both groups. Together, the Trusted CI and RRCoP communities will continue to grow by sharing services, expertise, and relationships, creating a stronger foundation for supporting regulated research across institutions.

The December 2024 RRCoP webinar featured a presentation titled Trusted CI & RRCoP’s Next Five Years, presented by Sean Peisert, Trusted CI Director and PI, Scott Russell, Trusted CI Deputy Director and Framework Lead, Carolyn Ellis, Trusted CI Co-PI and Regulated Research Lead.

Trusted CI Webinar: A Unified Monitoring Approach to Enhancing the Security and Resiliency of Hazard Workflows, Monday January 27th @12pm Central

Sudarsun Kannan and Ram Durairajan are presenting the talk, A Unified Monitoring Approach to Enhancing the Security and Resiliency of Hazard Workflows, on Monday January 27th at 12pm, Central time. (Note the time change)

Please register here.

In this talk, we will first discuss techniques to improve the resiliency of hazard monitoring systems. This includes optimizing machine learning training pipelines for wildfire detection to achieve faster, more accurate results while adapting to real-world constraints such as data variability and network latencies. We will also explore enabling multi-tenancy to maximize resource efficiency by allowing multiple hazard detection workflows to share infrastructure without compromising performance. Furthermore, we will present an in-depth analysis of power and energy consumption for edge devices deployed in remote and resource-constrained environments, emphasizing sustainable and scalable design choices that support long-term operation. Next, we will describe ongoing efforts to enhance the security of critical cyberinfrastructures. This includes developing techniques to prevent denial-of-service attacks that could disrupt hazard monitoring workflows and implementing secure data transmission mechanisms to safeguard information across distributed CI layers.

Speaker Bios: 

Sudarsun Kannan is an Assistant Professor in the Computer Science Department at Rutgers University. His research focuses on operating system design and its intersection with computer architecture, distributed systems, and high-performance computing (HPC) systems. His work has been published in top venues such as ASPLOS, OSDI, and FAST, and he has received best paper awards at SOSP and ASPLOS, along with the Google Research Scholar award. He co-chaired the HotStorage'22 workshop and serves as an Associate Editor for ACM Transactions on Storage. Before joining Rutgers, he was a postdoctoral research associate at Wisconsin-Madison and graduated with an M.S. and Ph.D. from Georgia Tech.

Ramakrishnan (Ram) Durairajan is an Associate Professor in the School of Computer and Data Sciences, and co-directs the Oregon Networking Research Group (ONRG) at the University of Oregon. Ram earned his Ph.D. and M.S. degrees in Computer Sciences from the University of Wisconsin - Madison and his B.Tech. in Information Technology from the College of Engineering, Guindy (CEG), Anna University. He has published over 50 peer-reviewed papers in various conferences, journals, and workshops. His research has been recognized with several awards including the NSF CAREER award, NSF CRII award, Ripple faculty fellowship, UO faculty research award, best paper awards from ACM CoNEXT and ACM SIGCOMM GAIA, and has been covered in several fora (NYTimes, MIT Technology Review, Popular Science, Boston Globe, Gizmodo, Mashable, among others). Recently, his research on Internet topology has been named as "One of the 100 Greatest Innovations," has been cited in FCC's Spectrum Frontiers 2d Report and Order, and has won a number of awards including the "Best of What's New" (in security category) by the Popular Science Magazine.

---

Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."