In June 2015, as a precursor to a forthcoming full engagement, Gemini Observatory and CTSC undertook a brief, but very intensive “cybercheckup”-style engagement. Using Indiana University’s REDCap service (https://redcap.uits.iu.edu/), CTSC has developed a questionnaire designed to gather key pieces of information regarding the information security program at large-scale NSF projects and facilities. Gemini personnel completed this questionnaire, and met with the CTSC engagement team on two occasions, to discuss the cybercheckup process and provide more detailed information. In early July, CTSC delivered a report to Gemini with recommendations for the Gemini information security program, prioritized by CTSC’s estimated cost and impact in implementing the recommendations. Following the NSF Cybersecurity Summit, we will sit down in person in Arlington to review the report. Gemini and CTSC will use these results to structure and make the most of our Fall 2015 full engagement.
"I feel very fortunate to have the resources of CTSC available to Gemini Observatory as we develop a more mature, comprehensive "v2.0" cybersecurity program. The breadth and depth of knowledge and experience that the CTSC team has contributed thus far is vast, and has been key in gaining budgetary and Directorate support for cybersecurity initiatives.” -- Tim Minick, Information Technology Services Manager, Gemini Observatory
CTSC thanks Gemini for the effort and openness required to make this kind of activity valuable.