SPHERE and Trusted CI Collaborate to Strengthen Research Security

In February 2026, the NSF-funded Security and Privacy Heterogeneous Environment for Reproducible Experimentation (SPHERE) project hosted a week-long cybersecurity residency with Trusted CI, the National Science Foundation’s Cybersecurity Center of Excellence. The residency marked an important milestone in SPHERE’s transition from construction toward sustained operations, strengthening an already robust security posture through formal alignment with widely recognized best practices.

SPHERE previously partnered with Trusted CI during the 2024 Trusted CI Framework Cohort, where the SPHERE team adopted the Trusted CI Framework and completed a structured self-assessment of its cybersecurity program against the framework’s 16 Musts. The Musts identify the concrete, critical requirements for establishing and running a competent cybersecurity program. That cohort experience validated SPHERE’s foundational approach to security, while also highlighting an important next step: formally adopting a baseline cybersecurity control set and performing a gap analysis between that baseline and SPHERE’s existing controls. The Trusted CI Framework specifically recommends adoption of a recognized baseline control set in its Must 15.

Building on that groundwork, the February 2026 residency embedded Trusted CI staff directly with the SPHERE DevOps team for one intensive week at the USC Information Sciences Institute in Marina del Rey, CA. Working side by side, the teams aligned SPHERE’s existing cybersecurity controls with the CIS Critical Security Controls (CIS Controls v8), which SPHERE has now formally adopted as its baseline control set.

This work focused on mapping SPHERE’s existing practices to the CIS Controls, identifying gaps, and prioritizing future improvements. The residency also strengthened SPHERE’s alignment with NSF’s evolving expectations for research security, including closer alignment with the NSF Research Infrastructure Guide (RIG) and its set of 14 critical controls. By grounding its program in both the Trusted CI Framework and the CIS Controls, SPHERE gained a common language for documenting controls, reduced reliance on ad hoc decision-making, and ensured consistency with broadly accepted community standards.

During the residency, Trusted CI conducted site visits at all the sites that host SPHERE physical infrastructure. They visited the ISI and USC server rooms, and met virtually with SPHERE co-PIs and their teams at Northeastern University Khoury College of Computer Sciences and the University of Utah Kahlert School of Computing. These discussions helped ensure that SPHERE’s distributed architecture is protected in a coordinated and consistent manner across institutions.

With the gap analysis complete, SPHERE is well positioned to prioritize future security investments as it moves toward full operations. The outcome directly supports SPHERE’s core mission of enabling realistic and reproducible experimentation without compromising trust in the facility or the science it supports. Achieving this mission requires protecting the underlying infrastructure from attack and security breaches, safeguarding the integrity and availability of shared resources, and ensuring strong isolation and protection of researcher experiments and data.

SPHERE will share lessons learned from the residency with the broader Trusted CI Research Infrastructure Security Community (RISC), contributing back to the ecosystem that helped shape its approach.

 

SPHERE (Security and Privacy Heterogeneous Environment for Reproducible Experimentation) is an NSF Mid-scale Research Infrastructure-1 project (Award #2330066) spanning USC Information Sciences Institute, Northeastern University, and the University of Utah. SPHERE provides a public testbed for reproducible science and experimentation tailored to the needs of cybersecurity and privacy researchers and educators.

Trusted CI, the NSF Cybersecurity Center of Excellence, is supported by the National Science Foundation under Interagency Agreement #A2407-049-089-064206.0. Trusted CI’s mission is to enable trustworthy NSF science by partnering with cyberinfrastructure operators to build and maintain effective cybersecurity programs, publishing resources for the broader NSF community, and advancing the processes, tools, and knowledge needed to secure research progress.

2026 Trusted CI Scholars Program Now Accepting Applications

 As cybersecurity becomes increasingly vital across the scientific community, cultivating the next generation of cybersecurity leaders has never been more important. Trusted CI is proud to announce the Trusted CI Scholars Program (formerly Trusted CI Student Program), designed to equip students with essential skills, insights, mentorship, and hands-on experiences in cybersecurity.

The Trusted CI Scholars Program goes beyond technical training. It is about building a collaborative and innovative community of emerging leaders. If you are a student passionate about cybersecurity—or know someone who is—we encourage you to apply and join us in shaping a safer, more secure future for science and beyond.

Why Trusted CI Scholars Matter

Through mentorship, applied learning, and sustained interaction with cyberinfrastructure practitioners and the broader NSF community, Scholars learn from the processes, tools, and knowledge that Trusted CI advances to support secure research. In doing so, the program extends Trusted CI’s impact into the next generation of the cybersecurity workforce.

Additionally, as Trusted CI begins addressing the needs of higher education institutions related to research security, cybersecurity requirements, and artificial intelligence, early and proactive student engagement with these topics lays important groundwork for developing the skills, awareness, and readiness they may need to secure the nation’s science and research enterprise.

Goals of the Program

The Trusted CI Scholars Program is committed to:

1. Providing Foundational Knowledge: Gain practical insights into cybersecurity through workshops, mentorship, and participation in the annual NSF Cybersecurity Summit.

2. Growing Leadership Skills: Strengthen communication, collaboration, integrity and adaptability.

3. Empowering Advocacy: Serve as cybersecurity ambassadors within your communities, sharing knowledge with peers and connecting them to Trusted CI for advanced support.

4. Building Long-Term Connections: Join a growing network of Trusted CI alumni, opening doors to coaching, networking, and career opportunities in the cybersecurity field.

Highlights for 2026

This year’s program includes exciting enhancements:

• Focused Workshops and Mentorship: Scholars will engage in tailored workshops and one-on-one mentorship with Trusted CI staff and subject-matter experts.

• Alumni Engagement: Past participants will continue to have access to resources and Summit reunion opportunities, fostering sustained learning and long-term relationships. Alumni are also encouraged to share their experiences through blog posts, presentations, and outreach activities to inspire future cybersecurity professionals.

• Streamlined Application Process: Applicants will submit a personal statement, professional bio sketches, and letters of support, enabling a more holistic evaluation.

Applications are now open on our submission website and close March 6. 

For more information on how to apply, visit Trusted CI’s website or reach out to scholars@trustedci.org.

Together, we’re preparing the next generation of cybersecurity leaders!

Trusted CI 2025 Summit Report Now Available

Last October, Trusted CI convened the 2025 NSF Cybersecurity Summit. This yearly event provides a forum for National Science Foundation (NSF) scientists, researchers, cybersecurity, and cyberinfrastructure (CI) professionals and stakeholders to share effective technical practices and brainstorm solutions to everyday challenges facing cybersecurity environment professionals. When the community comes together for the Summit, they collectively learn from each other.

The 2025 Summit was held in person in Boulder, CO, at the Center Green Campus at UCAR and NSF NCAR.

Interested in reading more takeaways from this year's Summit? Download the full Summit Report from https://doi.org/10.5281/zenodo.18484621