Friday, April 18, 2014

CTSC Engagement: Helping IceCube enhance a well-established cybersecurity program

In the CTSC-IceCube engagement, personnel from both organizations worked together to assess IceCube’s current cybersecurity program, and identify areas for improvement.  As a result, CTSC proposed a cybersecurity improvement plan for IceCube’s cyberinfrastructure, which is available publicly at http://trustedci.org/icecube/.


The CTSC team found IceCube to have a relatively mature cybersecurity program in comparison to other CI projects of similar size.
The first step in the process was to conduct a risk assessment of the IceCube project to identify assets, risks, threats and vulnerabilities. The assessment included a review of existing IceCube security policies and procedures. Members of both CTSC and IceCube participated in the assessment process to categorize and weight identified risks.  This analysis was used to determine the best way resources can be applied to further strengthen IceCube’s cyberinfrastructure.  

We thank and acknowledge the IceCube team, particularly Steve Barnet, Gonzalo Merino, Paul Wisniewski, and Matt Newcomb, for the collaborative effort and for IceCube’s commitment to information security.