From Silos to Community: The Rapid Rise of RRCoP to Support Regulated Research

The research landscape is evolving rapidly and adding complexity with new cybersecurity compliance requirements. Researchers and research support departments now face a growing list of cybersecurity and compliance tasks that extend beyond individual projects, elevating these obligations to the institutional level. Built on principles of openness and collaboration, research institutions must navigate requests for compliance attestations on data handling, processing, sharing, and storage—areas often outside researchers’ expertise. Without robust training programs or a stable regulatory landscape, individuals are frequently left scrambling for current information. Individuals often also lack local colleagues to consult, making them feel isolated and uncertain. This fragmented approach, seen across individuals, departments, institutions, and the national level, inspired the formal creation of the Regulated Research Community of Practice (RRCoP) in 2021 after individuals led a series of workshops focusing on commonalities of challenges facing institutions supporting regulated research.

RRCoP brings together a rapidly growing network of professionals addressing the unique challenges of cybersecurity and compliance in academic research. Led by Trusted CI Co-PI Carolyn Ellis, Director of Research Cybersecurity and Compliance at Arizona State University, RRCoP fosters connections and builds expertise across institutions. Ellis co-founded the community while managing Purdue University’s research Controlled Unclassified Information (CUI) program, where she experienced firsthand the tensions between implementing complex compliance programs and maintaining the openness of academic research. “Today, RRCoP is more than a collection of resources or formal training,” Ellis explains. “We’ve built a community where professionals can learn from one another, collaborate, and tackle big challenges. This community is redefining how institutions support research subject to regulations.”

A map of the Regulated Research Community of Practice’s member locations. (Credit: Carolyn Ellis).

RRCoP informally began as a Slack channel in 2018 when Ellis, searching for ongoing conversations beyond conferences, came up empty. RRCoP has grown into a dynamic, fast-expanding network connecting over 1,100 members from 330 institutions, ranging from R1 universities to community colleges and international partners. Daily Slack interactions foster collaboration and act as early warning systems as members share insights from diverse information venues. This connectivity bridges many communities that contribute to the regulated research landscape.

RRCoP has also developed a wealth of resources, including a recorded monthly webinar series held on the second Wednesday of each month, co-located training seminars at conferences, mentoring opportunities, and an annual hands-on workshop designed to address the most pressing challenges in regulated research. In 2022, RRCoP facilitated a full-day workshop at the EDUCAUSE Cybersecurity Privacy Professionals Conference, where attendees collaboratively wrote responses to 43 controls in a System Security Plan. The 2023 workshop brought higher education professionals together with certified assessors for a cost-effective day of dialogue. All RRCoP resources are offered at no cost to the community and are accessible on their comprehensive website at regulatedresearch.org. Most recently, two leaders of the RRCoP community, Ellis and Erik Deumens, have collaborated on an article about the pressing need for compliance requirements in research in Communications of the ACM. Review the highlights of RRCoP’s 2024.  

Trusted CI has expanded its mission to support regulated research by building on the expertise and resources developed by RRCoP. Trusted CI is able to sustain the valuable services RRCoP offers; Trusted CI’s team members will provide additional expertise, access to its extensive community, and established processes. Moving forward, RRCoP aims to use this collective voice to elevate the unique challenges faced by higher education to decision-makers. Additionally, extending Trusted CI’s established resources into the higher education community, which is supported by RRCoP, will strengthen both groups. Together, the Trusted CI and RRCoP communities will continue to grow by sharing services, expertise, and relationships, creating a stronger foundation for supporting regulated research across institutions.

The December 2024 RRCoP webinar featured a presentation titled Trusted CI & RRCoP’s Next Five Years, presented by Sean Peisert, Trusted CI Director and PI, Scott Russell, Trusted CI Deputy Director and Framework Lead, Carolyn Ellis, Trusted CI Co-PI and Regulated Research Lead.

Trusted CI Webinar: A Unified Monitoring Approach to Enhancing the Security and Resiliency of Hazard Workflows, Monday January 27th @12pm Central

Sudarsun Kannan and Ram Durairajan are presenting the talk, A Unified Monitoring Approach to Enhancing the Security and Resiliency of Hazard Workflows, on Monday January 27th at 12pm, Central time. (Note the time change)

Please register here.

In this talk, we will first discuss techniques to improve the resiliency of hazard monitoring systems. This includes optimizing machine learning training pipelines for wildfire detection to achieve faster, more accurate results while adapting to real-world constraints such as data variability and network latencies. We will also explore enabling multi-tenancy to maximize resource efficiency by allowing multiple hazard detection workflows to share infrastructure without compromising performance. Furthermore, we will present an in-depth analysis of power and energy consumption for edge devices deployed in remote and resource-constrained environments, emphasizing sustainable and scalable design choices that support long-term operation. Next, we will describe ongoing efforts to enhance the security of critical cyberinfrastructures. This includes developing techniques to prevent denial-of-service attacks that could disrupt hazard monitoring workflows and implementing secure data transmission mechanisms to safeguard information across distributed CI layers.

Speaker Bios: 

Sudarsun Kannan is an Assistant Professor in the Computer Science Department at Rutgers University. His research focuses on operating system design and its intersection with computer architecture, distributed systems, and high-performance computing (HPC) systems. His work has been published in top venues such as ASPLOS, OSDI, and FAST, and he has received best paper awards at SOSP and ASPLOS, along with the Google Research Scholar award. He co-chaired the HotStorage'22 workshop and serves as an Associate Editor for ACM Transactions on Storage. Before joining Rutgers, he was a postdoctoral research associate at Wisconsin-Madison and graduated with an M.S. and Ph.D. from Georgia Tech.

Ramakrishnan (Ram) Durairajan is an Associate Professor in the School of Computer and Data Sciences, and co-directs the Oregon Networking Research Group (ONRG) at the University of Oregon. Ram earned his Ph.D. and M.S. degrees in Computer Sciences from the University of Wisconsin - Madison and his B.Tech. in Information Technology from the College of Engineering, Guindy (CEG), Anna University. He has published over 50 peer-reviewed papers in various conferences, journals, and workshops. His research has been recognized with several awards including the NSF CAREER award, NSF CRII award, Ripple faculty fellowship, UO faculty research award, best paper awards from ACM CoNEXT and ACM SIGCOMM GAIA, and has been covered in several fora (NYTimes, MIT Technology Review, Popular Science, Boston Globe, Gizmodo, Mashable, among others). Recently, his research on Internet topology has been named as "One of the 100 Greatest Innovations," has been cited in FCC's Spectrum Frontiers 2d Report and Order, and has won a number of awards including the "Best of What's New" (in security category) by the Popular Science Magazine.

---

Join Trusted CI's announcements mailing list for information about upcoming events. To submit topics or requests to present, see our call for presentations. Archived presentations are available on our site under "Past Events."