Monday, July 31, 2017

Apply for an Engagement with the NSF Cybersecurity Center of Excellence (applications due October 2)


Conducting one-on-one engagements with NSF projects and facilities is one of CTSC’s core activities.  To complete the application form and learn more about the process visit our site: https://trustedci.org/application/

During CTSC’s first 5 years, we’ve conducted more than 20 one-on-one engagements with NSF-funded projects, Large Facilities, and major science service providers representing the full range of NSF science missions.  We support a variety of engagement types including: assistance in developing, improving, or evaluating an information security program; software assurance-focused efforts; identity management; technology or architectural evaluation; training for staff; and more.

Applications for engagements to be executed in January through June 2018 are due October 2nd, 2017. (Slots are limited, so this is a hard deadline!)


As the NSF Cybersecurity Center of Excellence, CTSC’s mission is to provide the NSF community a coherent understanding of cybersecurity’s role in producing trustworthy science and the information and know-how required to achieve and maintain effective cybersecurity programs.

Thursday, July 27, 2017

Call to Present at the CCoE Webinar

The CCoE webinar team is accepting requests to present in 2018. See our call for presentations below.

Do you have cybersecurity capabilities, lessons learned, tools, and/or research to share with the NSF cyberinfrastructure (CI) community? Are you looking for an opportunity to gain visibility for your work? Present your topic at a CCoE webinar! The CCoE webinar series provides monthly presentations on cybersecurity topics applicable to NSF CI. The webinars are open to the public, and the size of the live audience can vary from 20 to 100 or more. We archive the webinar videos to our Youtube channel for later viewing where they often get 100+ views. We invite your presentation proposals!

Potential topics for webinars may include (but are not limited to):
  • Experience deploying a new cybersecurity capability
  • Experience with a new security policy
  • Incident response lessons learned
  • Risk assessment results
  • Security guidelines and lessons learned when deploying a new CI capability (e.g., Science DMZ, Docker containers, software defined networks, etc.)
  • New cybersecurity research results ready for deployment
  • Experience with cybersecurity compliance (HIPAA, FISMA, etc.)
  • Software assurance tools/experiences
Webinar details:
  • Webinars are scheduled the 4th Monday of the month at 11am Eastern
  • Presentations are approximately 45 minutes long with 15 minutes for attendee questions
  • Webinars are recorded and archived for later use
  • Presentations by groups of up to 4 people are encouraged (e.g., a scientist presenting the motivating use case for a new capability, a security officer presenting the risk assessment, and a CI engineer presenting details on the implementation of the new capability)
Interested in presenting? Contact us here and provide the following information for us to use when advertising your presentation:
  • Topic abstract (less than 3000 characters)
  • Brief bio for speaker(s)
  • Related materials (e.g., links to slides or videos from prior presentations)
  • Photo/image of the project, technology, or speaker(s), to include in the event announcement
  • A project website or other URL for additional information
  • Any scheduling constraints (i.e., in which months are you available to present?)
For more information about the CCoE webinar series, including recordings from past presentations, see our webinar page.

Tuesday, July 25, 2017

CTSC presents half-day workshop at PEARC17

C:\Users\jzage\AppData\Local\Microsoft\Windows\INetCache\Content.Word\20170713_094244.jpgC:\Users\jzage\AppData\Local\Microsoft\Windows\INetCache\Content.Word\20170713_095725.jpgOn Thursday July 13th, CTSC held a workshop on trustworthy scientific cyberinfrastructure at PEARC 2017 in New Orleans. CTSC PI Von Welch Started the day with an overview of NSF Cybersecurity Center of Excellence, including CTSC’s mission, vision, and engagements. Co-PI James Marsteller introduced the cybersecurity challenges for smaller projects and its impact on science, followed by Co-PI Jim Basney presenting the key aspects that define a cybersecurity program.

C:\Users\jzage\AppData\Local\Microsoft\Windows\INetCache\Content.Word\20170713_094444.jpgC:\Users\jzage\AppData\Local\Microsoft\Windows\INetCache\Content.Word\20170713_102709.jpgIn the second session, XSEDE’s Nancy Wilkins-Diehr introduced the Science Gateways Community Institute (SGCI), which was established to provide solutions for sustaining science gateways. Von followed with a presentation on security for science gateways, concentrating on three key aspects: secure software development, identity and access control management, and operational cybersecurity. The remainder of the session was dedicated to lightning talks from workshop attendees. Internet2’s Florence Hudson presented on cybersecurity research transition to practice (TTP) acceleration; a concept aimed at accelerating transitions from NSF-funded late-stage cybersecurity research into research and education environments. Tom Barton (also of Internet2) discussed the globally federated system and what support is needed for research activities. He presented a summary of the current state of eduGAIN, which connects different national federation systems across the globe. And lastly, University of Pittsburgh’s Brian Stengel presented the NSF project Towards Security Assured Cyberinfrastructure in Pennsylvania (SAC-PA), which brings PA-based campus CI-practitioners, IT, and security professionals together to facilitate beneficial relationships in the region.
C:\Users\jzage\AppData\Local\Microsoft\Windows\INetCache\Content.Word\20170713_111209.jpg
Slides from the workshop, as well as many more CTSC training materials, are available on our website.
C:\Users\jzage\AppData\Local\Microsoft\Windows\INetCache\Content.Word\20170713_114904.jpg



IMG_20170713_120137.jpg

Thursday, July 20, 2017

Lodging Deadline Approaching AND Registration Now Closed - 2017 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure

This is a reminder that the room block for the 2017 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure will close next week on July 28, 2017. In order to take advantage of the group rate, you must reserve your room prior to then. This can be done by following this link.


Additionally, due to overwhelming response, all available spots for the 2017 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure have been filled. Therefore, registration has been closed.


The slides from each presentation and training will be posted to the Summit web site shortly after the Summit concludes.

If you have any questions regarding this announcement, please contact Amy Starzynski Coddens at: astarzyn@iu.edu.

Monday, July 17, 2017

Cal Poly Pomona Scholarship for Service Program Engagement

The Scholarship for Service (SFS) program is a partnership between the Department of Homeland Security and the NSF to grant 4-year colleges scholarship funds to encourage students to pursue cybersecurity as a career. Scholarship recipients agree to work for a qualifying federal or state government agency upon graduation as a means of returning the investment in their education with the additional benefit of strengthening critical government infrastructure. Cal Poly Pomona (CPP) received such a grant in 2015 and its program is headed by Professor Mohammad Husain.

Dr. Husain contacted CTSC to request an engagement to provide a hands-on experience in securing cyber infrastructure for the students in the CPP SFS program in the CPP PolySec Lab. After meeting to introduce one another and discuss engagement options, CTSC and CPP agreed to work together to conduct an on-site seminar at CPP for SFS students at CPP and other campuses that introduces the unique cybersecurity challenges of NSF cyberinfrastructure and provides practical training on cybersecurity topics in the areas of expertise of CTSC staff. CTSC staff will encourage the students to consider careers in trustworthy cyberinfrastructure. The seminar is scheduled to occur in mid-October.

We will announce more details about the seminar, and eligible students, as the information becomes available. To learn more about Cal Poly Pomona’s SFS program, see their site.

Wednesday, July 12, 2017

CTSC Completes Engagement With DataONE


CTSC engaged DataONE, an NSF funded project under a Cooperative Agreement through the Division of Advanced Cyberinfrastructure (ACI), in a cyber-checkup -- a high-level review by CTSC of that project’s cybersecurity program.  The engagement began with DataONE undertaking a risk-based survey designed to explore the current state of security within DataONE’s cyberinfrastructure (CI).  To accomplish this, DataONE utilized CTSC’s Risk Evaluation Spreadsheet.  CTSC and DataONE then focused on identifying key areas where DataONE could use its resources most efficiently to strengthen its CI.  Finally, CTSC presented DataONE with a list of opportunities that describe new or updated mechanisms and/or policies in the aforementioned areas such that DataONE could continue to strengthen and advance their cybersecurity posture.

Monday, July 10, 2017

CCoE Webinar July 24th 11am ET: Inaugural Security Program at Internet2

Internet2's Paul Howell is presenting the talk "Inaugural Security Program at Internet2," on July 24th at 11am (Eastern).

Please register here. Be sure to check spam/junk folder for registration confirmation with attached calendar file.
The presentation will cover the introduction of a security program to protect the national R&E network operated by Internet2. Discussed will the methodology to conduct a security risk assessment of the network, the findings from the assessment, and specific improvements undertaken
More information about this presentation is on the event page.

Presentations are recorded and include time for questions with the audience.

Join CTSC's discuss mailing list for information about upcoming events. To submit topics or requests to present, contact us here. Archived presentations are available on our site under "Past Events."