Tuesday, July 9, 2024

Trusted CI Webinar: Automated Building and Deploy Testing — Using Zeek as an example, Monday July 22nd @ 11am Eastern

ESnet's Michael Dopheide is presenting the talk, Automated Building and Deploy Testing — Using Zeek as an example, on July 22nd at 11am Eastern time.

Please register here.

At ESnet, we pride ourselves on being cutting-edge, even if it causes a few scratches. Every new branch of Zeek is automatically built and tested in Gitlab CI. Then, every night, the latest successful 'master' build is deployed, along with all of our packages and scripts, to a test system via Ansible. As time permits, we roll out the latest build, in production, to over 40 servers.
 
Through this process we've both been able to provide early feedback to the Zeek project about potential bugs and give ourselves an early warning system when changes impact our production plugins and scripts.

Zeek is an open source network security monitoring tool.  This does not focus on the use of Zeek itself, but rather the care and feeding of our installation footprint.

Speaker Bio: Michael “Dop” Dopheide has spent the majority of his career working in the R&E community specializing in systems engineering, security research, incident response, and network intrusion detection. He especially enjoys helping coworkers debug problems at the packet and protocol levels. In addition to his operational security role, Dop helps support the open source Zeek community and volunteers every year to beta test the SANS Holiday Hack challenge.

---
Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Monday, June 10, 2024

Trusted CI Webinar: The Transformative Twelve: Taking a Practical, Evidence-Based Approach to Cybersecurity Controls, Monday June 24th @ 11am Eastern

Indiana University's Craig Jackson is presenting the talk, The Transformative Twelve: Taking a Practical, Evidence-Based Approach to Cybersecurity Controls, on June 24th at 11am Eastern time.

Please register here.

Controls aren’t everything, but they are an important rubber-meets-the-road component of your cybersecurity strategy and program. This webinar will help you will understand the role controls play in a competent cybersecurity program through the lens of the Trusted CI Framework. And, with help cutting through the noise of the many, many controls and control sets in the wild, it will introduce you to the Transformative Twelve, a small, highly prioritized, evidence-based set of cybersecurity controls.

Speaker Bio: Craig Jackson is Deputy Director at the Indiana University Center for Applied Cybersecurity Research, where his R&D interests include evidence-based approaches to security, cybersecurity fundamentals, and cybersecurity program development and governance. He leads collaborative work with critical infrastructure partners. His work includes the Trusted CI Framework, the Information Security Practice Principles, and the Cybertrack and USN’s PACT assessment methodologies. Craig’s education background is in law, education, psychology, and philosophy.

---
Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Wednesday, May 29, 2024

Now Open - 2024 NSF Cybersecurity Summit Call for Participation


It is our pleasure to announce that the 2024 NSF Cybersecurity Summit Call for Participation is now open! The Summit Program Committee seeks proposals for:


  • Plenary presentations

  • TLP:RED talks

  • Workshops

  • Trainings

  • Birds of a Feather (BoFs)

  • Project meetings

  • Poster session submissions


Last month, we asked the NSF cyberinfrastructure community which topics the Summit should address. Below are the top 10 results from the community poll. We strongly encourage proposals that address: 


1

Generative AI for Security

2

Security Management for Open Source Software

3

Zero Trust Architecture

4

Security and Privacy issues when using Generative AI

5

Threats Unique to Research in Cyberinfrastructure

6

Supercomputing/HPC Specific Security Challenges

7

Regulated Research Security, Privacy and Compliance (HIPAA, CMMC, FAR, etc)

8

Cloud Security

9

Network Security and Defense

10

Specialized HPC for Compliance (HIPAA, CUI, DBGap)



More detail and guidance on submitting proposals can be found here: https://www.trustedci.org/2024-cfp

The Summit provides a forum for National Science Foundation (NSF) funded scientists, researchers, cybersecurity, and cyberinfrastructure (CI) professionals and stakeholders to develop community and share best practices. The Summit will offer attendees training sessions and workshops with hands-on learning of security tools, security program development and compliance for research. 

The deadline for proposal submissions is Jun 23, 2024

Thank you on behalf of the Program and Organizing Committees. We look forward to receiving your proposals and hope to see you in October in Pittsburgh!


Wednesday, May 8, 2024

Highlights from the 2024 NSF Research Infrastructure Workshop

Kitt Peak National Observatory, photo courtesy of Terry Fleury
Members of Trusted CI had an extraordinary experience at the 2024 NSF Research Infrastructure Workshop in Tucson, Arizona March 26-29. The workshop was held in the foothills of the Santa Catalina Mountains and co-hosted by NOIRLab, the University of Arizona’s Biosphere 2, and its Richard F. Caris Mirror Lab Facility. The week was full of important presentations; impactful meetings with representatives from Major Facilities, Mid-Scales, and NSF; as well as a set of tours that left a lasting impression on the workshop attendees. 

The RIW officially began on a Tuesday, but Trusted CI held its quarterly Research Infrastructure Security Community (RISC) meeting the day before, taking advantage of a number of Framework cohort members traveling to Tucson to attend the RIW. The RISC meeting included a presentation from NSF’s Cybersecurity Advisor for Research Infrastructure, Mike Corn, to discuss the upcoming revision of the NSF Research Infrastructure Guide and potential changes related to cybersecurity. On Tuesday evening, Trusted CI’s “Secure by Design” team participated in the poster session. Their poster, “Cybersecurity Risks to Large Science Projects,” won second place in the poster competition. 

Overall, the RIW program agenda emphasized topics that impact members of the Trusted CI community, notably the tracks on Cyberinfrastructure (Tuesday) and Cybersecurity (Thursday), as well as a plenary talk on Friday that covered a recent cybersecurity incident at one of the NOIRLab sites.

On Wednesday, in-person attendees were given the opportunity to join one of three different tours organized by the event committee: Kitt Peak National Observatory, Biosphere 2 or the Richard F. Caris Mirror Lab.

Trusted CI highly encourages members of the NSF cyberinfrastructure operations community to attend next year’s workshop and thanks the RIW organizers and co-hosts for another great event. Materials from this year's workshop will be posted soon to the NSF Research Infrastructure Knowledge Sharing Gateway.

Friday, May 3, 2024

Trusted CI Webinar: NSF's 2025 Research Infrastructure Guide: Information Assurance, Monday May 20th @ 11am Eastern

NSF's Michael Corn is presenting the talk, NSF's 2025 Research Infrastructure Guide: Information Assurance, on May 20th at 11am Eastern time.

Please register here.

NSF's major facilities represent some of the most significant research facilities on the globe. The forthcoming revision to the Research Infrastructure Guide (or RIG) details NSF's guidance on securing these facilities and its expectations for cybersecurity programs at the major facilities. This presentation will explain how we approached shaping this guidance, the unique challenges we faced, and offer a peek at some of the resulting guidance the revised RIG will provide.
Speaker Bio: Michael Corn has been a CISO at four institutions (UIUC, Illinois System, Brandeis University, and most recently UC San Diego). A regular author on a variety of privacy, cybersecurity and identity related topics, he is currently the Cybersecurity Advisor for Research Infrastructure in the Office of the Chief Officer for Research Facilities and additionally provides support to the Office of the Chief of Research Security Strategy and Policy within NSF. A recent online presentation on cybersecurity policy can be found at https://bit.ly/3JIpI8w.

---
Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Tuesday, April 9, 2024

Trusted CI Webinar: SPHERE - Security and Privacy Heterogeneous Environment for Reproducible Experimentation, Monday April 22nd

Dr. Jelena Mirkovic and David Balenson are presenting the talk, SPHERE - Security and Privacy Heterogeneous Environment for Reproducible Experimentation, on April 22nd at 12pm Eastern time.

NOTE: This webinar is scheduled one hour later than the usual time.

Please register here.

Cybersecurity and privacy threats increasingly impact our daily lives, our national infrastructures, and our industry. Recent newsworthy attacks targeted nationally important infrastructure, our government, our researchers, and research facilities. The landscape of what needs to be protected and from what threats is rapidly evolving as new technologies are released and threat actors improve their capabilities through experience and close collaboration. Meanwhile, defenders often work in isolation, use private data and facilities, and produce defenses that are quickly outpaced by new threats. To transform cybersecurity and privacy research into a highly integrated, community-wide effort, researchers need a common, rich, representative research infrastructure that meets the needs across all members of the community, and facilitates reproducible science.

To meet these needs, USC Information Sciences Institute and Northeastern University have been funded by the NSF mid-scale research infrastructure program to build Security and Privacy Heterogeneous Environment for Reproducible Experimentation (SPHERE). This infrastructure will offer access to an unprecedented variety of hardware, software, and other resources connected by user-configurable network substrate, and protected by a set of security policies uniquely aligned with cybersecurity and privacy research needs. SPHERE will offer six user portals, closely aligned with needs of different user groups. It will support reproducible research through a combination of infrastructure services (easy experiment packaging, sharing and reuse) and community engagement activities (development of realistic experimentation environments and contribution of high-quality research artifacts).

Speaker Bios:

Dr. Jelena Mirkovic is Principal Scientist at USC-ISI and Research Associate Professor at USC. She received her MS and PhD from UCLA, and her BSc from University of Belgrade, Serbia. Jelena's research interests span networking and cybersecurity fields, as well as testbed experimentation. Her current research is focused on authentication, use of machine learning for network attack detection, large-scale dataset labeling for security, and user privacy. She is the lead PI on the SPHERE project.

Mr. David Balenson is Senior Supervising Computer Scientist and Associate Director of the Networking and Cybersecurity Division at USC-ISI. He received his MS and BS in Computer Science from the University of Maryland. His current research interests include cybersecurity and privacy for critical infrastructure and cyber-physical systems including automotive and autonomous vehicles, experimentation and test, technology transition, and multidisciplinary research. He is the Community Outreach Director for SPHERE.


---
Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."

Wednesday, April 3, 2024

Tapis more secure following Trusted CI code-level review

Trusted CI has published a new success story on its collaboration with Tapis. In 2023, the Texas Advanced Computing Center engaged Trusted CI, the NSF Cybersecurity Center of Excellence, to assess the security of its Tapis software. Applying First Principles Vulnerability Assessment methodology, the Trusted CI team found four serious security vulnerabilities and one bug in the Tapis code and made several recommendations to improve Tapis’ security.