Monday, December 9, 2019

Trusted CI Incident Response Report 2019-10-02_01

As I discussed during my presentation at the NSF Cybersecurity Summit in October, Trusted CI inadvertently exposed an embargoed engagee report earlier this year. Our first time doing incident response as a project also revealed some weaknesses in our response planning that could have been problematic for a more serious incident.

With the approval of the impacted engagee, we are now making our internal report on the incident and our plans to improve public. Please find the URL to the report at the bottom of this blog post.

The community’s trust in us is paramount and we hope this transparency helps you maintain that trust in us. We welcome questions and suggestions.

Von Welch, Trusted CI Director


Trusted CI Incident Response Report 2019-10-02_01
Available at http://hdl.handle.net/2022/24845

Report Summary
A Trusted CI engagement report with the Singularity team at Sylabs was inadvertently published prematurely due to miscommunication within the Trusted CI team. A secondary leak was discovered in the resume of a Trusted CI team member and weaknesses were discovered in the incident response process of Trusted CI. This report describes these events and the steps Trusted CI took in responding. An analysis of those events follows along with a set of planned remediations by Trusted CI to avoid a future incident and strengthen Trusted CI’s incident response processes.