the nsf cybersecurity center of excellence
play

The NSF Cybersecurity Center of Excellence James A. Marsteller CTSC - PowerPoint PPT Presentation

Apr 01, 2023 •420 likes •697 views

The NSF Cybersecurity Center of Excellence James A. Marsteller CTSC Co-PI Towards Security Assured Cyberinfrastructure in Pennsylvania (SAC-PA) CI Cybersecurity Workshop June 22nd 2017 trustedci.org NSF Cybersecurity Center of Excellence

  1. The NSF Cybersecurity Center of Excellence James A. Marsteller CTSC Co-PI Towards Security Assured Cyberinfrastructure in Pennsylvania (SAC-PA) CI Cybersecurity Workshop June 22nd 2017 trustedci.org

  2. NSF Cybersecurity Center of Excellence (CCoE) CTSC began with a 3-year NSF grant in 2012. NSF 2015 Cybersecurity InnovaRon for Cyberinfrastructure (CICI) solicitaRon called for an NSF CCoE. CTSC submiHed a proposal to conRnue its funding as a CCoE and was awarded this honor. hHp://www.nsf.gov/pubs/2015/nsf15549/nsf15549.htm 2

  3. http://trustedci.org/who-we-are/ 3

  4. What Really Matters? Trusted and Reproducible Science 4

  5. Center for Trustworthy Cyberinfrastructure The NSF Cybersecurity Center of Excellence Mission Provide the NSF community a coherent understanding of cybersecurity’s role in producing trustworthy science and the informaRon and know- how required to achieve and maintain effecRve cybersecurity programs. 5

  6. Vision for the NSF Science Community 1. For the NSF science community to understand fully the role of cybersecurity in producing trustworthy science. 2. For all NSF projects and faciliRes to have the informaRon and resources they need to build and maintain effecRve cybersecurity programs appropriate for their science missions, and responsive to evolving risks and requirements. 3. For all NSF Large FaciliRes to have highly effecRve cybersecurity programs. 6

  7. CCoE Thrusts Building Community NSF Cybersecurity Summit, Monthly Webinars, Blog, Email Lists, Partnerships, Benchmarking Survey Sharing Knowledge Guide to Developing Cybersecurity Programs for NSF Science and Engineering Projects, IdenRty Management Best PracRces, SituaRonal Awareness, Training, OSCTP Collaboration to Tackle Challenges: Engagements LIGO, SciGaP, IceCube, Pegasus, CC-NIE peer review, DKIST, LTERNO, DataONE, SEAD, CyberGIS, HUBzero, Globus, LSST, NEON, U. Utah, PSU, OOI, Gemini, Array of Things, IBEIS, SciGaP, US AntarcRc Program... More information at trustedci.org 7

  8. New CCoE Activities Building Community NSF Cybersecurity Summit, Monthly Webinars, Blog, Email Lists, Partnerships, Benchmarking Survey Sharing Knowledge Guide to Developing Cybersecurity Programs for NSF Science and Engineering Projects, IdenRty Management Best PracRces, SituaRonal Awareness, Training, OSCTP Collaboration to Tackle Challenges: Engagements LIGO, SciGaP, IceCube, Pegasus, CC-NIE peer review, DKIST, LTERNO, DataONE, SEAD, CyberGIS, HUBzero, Globus, LSST, NEON, U. Utah, PSU, OOI, Gemini, Array of Things, IBEIS, SciGaP, US AntarcRc Program... More information at trustedci.org 8

  9. Collaboration to Tackle Challenges: Engagements 9

  10. Engagements Focused collaboraRons with one (or small group) of NSF Examples: projects to tackle a project’s Developing a cybersecurity program cybersecurity or idenRty and Assessing an exisRng program Sodware assurance/evaluaRon access management challenge. Custom training IAM design CCoE’s Rme is covered by our Your challenge here... NSF grant. 10

  11. Any challenge is in scope! Science Gateways More examples... w/SGCI SI2 InsRtute: Drading a Privacy Policy (AoT) hHp://sciencegateways.org/news/collaboraRon-ctsc/ Security Officer search (LIGO) IdenRty and Access Management: hHp://trustedci.org/iam/ Sodware Assurance: hHp://trustedci.org/sodware-assurance/ 11

  12. hHp://trustedci.org/applicaRon Demand outpacing Supply, online applicaRon process. Summer 2017: Begin accepRng applicaRons for consideraRon for execuRon in the first half of CY 2018. 12

  13. Sharing Knowledge Guides, Best Practices, Situational Awareness, Training 13

  14. Situational Awareness Advise NSF CI community about relevant sodware vulnerabiliRes and provide guidance on miRgaRon. Leverage NIST, US-CERT, XSEDE, REN-ISAC, and other sources of vulnerability informaRon. Please subscribe to the email list(s) to receive situaRonal awareness noRficaRons of relevance to you. hHp://trustedci.org/situaRonal-awareness/ 14

  15. Cybersecurity Guides and Tools Addressing concerns unique to science Policy templates: Acceptable Use, Access Control, Asset Management, Disaster Recovery, Incident Response, Inventory, Awareness, Physical Security, ... Risk assessment table Securing commodity IT Self-assessment Tool IdenRty Management Best PracRces hHp://trustedci.org/guide hHp://trustedci.org/iam 15

  16. NSF Cybersecurity Summit, XSEDE, SuperCompuRng, other locaRons by request. Topics: Cybersecurity Program Development, Incident Response, Secure Coding, Sodware Engineering... hHp://trustedci.org/trainingmaterials/ 16

  17. The Open Science Cyberthreat ProPile: Understanding the Cybersecurity of Science ScienRsts and cybersecurity professionals need to communicate to understand the risks related to science assets to the science mission. OSCTP working group is developing a profile of open science assets and their common risks to aid risk management for open science. Members: AlRntas (SDSC), Bevier (Caltech), Cuff (Harvard), LeDuc PresentaRons from ATLAS, IBEIS, (Northwestern), Meunier (Purdue/ LSST, and OOI (& DataONE in Sep.) HUBzero), Moore (iRods), Schwab (ISI), Stocks (UCSD) Published in late 2016. hHps:// Organizers: Adams (CTSC), Dopheide trustedci.org/oscrp/ (ESnet), Peisert (ESnet), Welch (CTSC). 17

  18. Building Community NSF Cybersecurity Summit, Webinars, Blog, Email Lists, Partnerships 18

  19. NSF Cybersecurity Summit ● Inaugural summit in 2004 in response to cyber aHack affecRng many NSF funded projects ● CTSC Relaunched Summit in 2013 ader 4 year hiatus ● Growing! 90 registrants in 2015,100 in 2016. ● Opportunity for LFs, CI projects, MREFCs to collaborate: build connecRons, idenRfy and solve common challenges, develop best pracRces, share experiences, receive training. ● Address the changing threat landscape for NSF CI. More info at hHp://trustedci.org/summit/ 19

  20. Summit Recommendations turn into Actions 2015 Summit Recommenda9ons Reflected in this year’s ● Recommenda9on 1: The NSF CI and Large Facility community should develop a broadly applicable Call for ParRcipaRon and strategy for informa9on security budgets, including how, why, and where it does what it the acRviRes of the does in terms of spending ● Recommenda9on 2: The NSF CI and Large Facility CCoE. community should support research on metrics that indicate whether spending on informa9on security is sufficient and appropriately balanced with a project’s science mission RecommendaRons from ● Recommenda9on 3: The NSF CI and Large Facility community should develop a common 2016 will similarly carry understanding among all stakeholders of how accountability, risk responsibility, and risk over into acRon. acceptance prac9ces are most efficiently and appropriately distributed among project leadership, project personnel, and other stakeholders ● Recommenda9on 4: The NSF CI and Large Facility community should determine its soNware assurance, quality, and supply chain requirements 20

  21. Building Consensus: Software Assurance Recommenda9on 4: The Our plan: Work with Large FaciliRes and NSF CI and Large Facility other NSF large projects to community should determine sodware expectaRons. determine its soNware Disseminate expectaRons, with assurance, quality, and implementaRon guidance and supply chain help, to sodware developers (e.g. NSF SI2 community). requirements Leverage community resources e.g. Sodware Assurance Marketplace. 21

  22. CTSC Webinar Series trustedci.org/webinars Upcoming Webinars: ● July 24th: Internet2 Cyberinfrastructure by Paul Howell (Registra9on coming soon) ● August 28th: Improving the Security and Usability of Two-Factor Authen9ca9on for Cyberinfrastructure with Nitesh Saxena & Stanislaw Jarecki ● September 25th: Threat Intelligence Sharing with Romain Wartel Contact info@trustedci.org if have a sugges9on for a presenta9on or would like to present. Sugges9on: CICI projects and RCNs, CC*, etc. 22

  23. Partnerships Interoperability with and best pracRces from our global collaborators. ESnet: Open Science Cyberthreat Profile AARC: IdenRty Management with the EU SGCI SI2 InsRtute: Science Gateway cybersecurity Bro CoE: Training, network security REN-ISAC: SituaRonal Awareness hHp://trustedci.org/partners/ 23

  24. Community Benchmarking Survey Goal: To produce a report on the aggregated state of cybersecurity across the community and track the improvement of that state over time. trustedci.org/survey 24

  25. Staying in contact with the CCoE Join our email lists for discussions and updates: hHp://trustedci.org/ctsc-email-lists/ Blog: hHp://blog.trustedci.org/ TwiHer: @TrustedCI 25

  26. Thank You trustedci.org We thank the National Science Foundation (grant 1547272) for supporting our work. The views and conclusions contained herein are those of the author and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the NSF. 26

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

National Cybersecurity Center of Excellence Increasing the deployment and use of standards-based

National Cybersecurity Center of Excellence Increasing the deployment and use of standards-based

National Cybersecurity Center of Excellence Increasing the deployment and use of standards-based security technologies Harry Perper Chief Engineer National Cybersecurity FFRDC The MITRE Corporation 18 January, 2017 STRATEGY VISION

774 views • 9 slides
National Cybersecurity Center of Excellence Multifactor Authentication for e-Commerce Project

National Cybersecurity Center of Excellence Multifactor Authentication for e-Commerce Project

National Cybersecurity Center of Excellence Multifactor Authentication for e-Commerce Project Cloud Identity Summit June 19, 2017 PROJECT OVERVIEW Overview U.S. adoption of credit cards equipped with computer chips helps retailers achieve

364 views • 15 slides
National Cybersecurity Center of Excellence Mitigating IoT-Based DDoS Build 1 Demonstration

National Cybersecurity Center of Excellence Mitigating IoT-Based DDoS Build 1 Demonstration

National Cybersecurity Center of Excellence Mitigating IoT-Based DDoS Build 1 Demonstration Presentation April 10, 2019 Challenge There will be 20.4 billion connected IoT devices by 2020 (per Gartner) As IoT devices become more common

671 views • 41 slides
Center of Excellence - robotics and AI Robocoast is a center of excellence that is managed by

Center of Excellence - robotics and AI Robocoast is a center of excellence that is managed by

Pauliina Harrivaara Center of Excellence - robotics and AI Robocoast is a center of excellence that is managed by regional development non-profit agency Prizztech Ltd. The form of the organization is a network comprising of around 100 SM SMEs

324 views • 14 slides
SHF | HCV INITIATIVE A Center of Excellence As a center of Excellence, St. Hope Foundation is

SHF | HCV INITIATIVE A Center of Excellence As a center of Excellence, St. Hope Foundation is

SHF | HCV INITIATIVE A Center of Excellence As a center of Excellence, St. Hope Foundation is nonprofit community healthcare organization that was established in November 1999. Recently, St. Hope implemented the Patient Centered Medical Home

534 views • 8 slides
Center of Development Excellence July 2, 2018 Center of Development Excellence Todays Agenda

Center of Development Excellence July 2, 2018 Center of Development Excellence Todays Agenda

Center of Development Excellence July 2, 2018 Center of Development Excellence Todays Agenda 1. Welcome and Introductions 2. Case Study Presentation: Strong Towns 3. Center of Development Excellence Update 4. Center of Development

337 views • 16 slides
Matthew Wright, PhD Director of the Center for Cybersecurity Professor of Computing Security

Matthew Wright, PhD Director of the Center for Cybersecurity Professor of Computing Security

http://www.rit.edu/cybersecurity Matthew Wright, PhD Director of the Center for Cybersecurity Professor of Computing Security Rochester Institute of Technology Center Mission Research Interdisciplinary Real-world Human-centered

838 views • 57 slides
U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity

U.S. National U.S. National Why are we talking about Cybersecurity Cybersecurity cybersecurity? William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University U.S. National Cybersecurity

79 views • 7 slides
Cybersecurity: Threats, Prevention and Preparation Phil Bertolini Co-Director, Center for Digital

Cybersecurity: Threats, Prevention and Preparation Phil Bertolini Co-Director, Center for Digital

Cybersecurity: Threats, Prevention and Preparation Phil Bertolini Co-Director, Center for Digital Government Phil l Bertoli lini Co-Director, Center for Digital Government Agenda Cybersecurity Issues & Trends Cybersecurity

720 views • 57 slides
Using awk to analyze Bro logs Mark Krenz BroCon 2017 September 12th, 2017 Center for

Using awk to analyze Bro logs Mark Krenz BroCon 2017 September 12th, 2017 Center for

Using awk to analyze Bro logs Mark Krenz BroCon 2017 September 12th, 2017 Center for Trustworthy Cyberinfrastructure The NSF Cybersecurity Center of Excellence CTSCs mission is to provide the NSF community a coherent understanding of

518 views • 40 slides
Cybersecurity & the Job Market Salim Hariri, Co-Director NSF Center for Cloud and Autonomic

Cybersecurity & the Job Market Salim Hariri, Co-Director NSF Center for Cloud and Autonomic

Cybersecurity & the Job Market Salim Hariri, Co-Director NSF Center for Cloud and Autonomic Computing The University of Arizona nsfcac.arizona.edu email: hariri@ece.arizona.edu (520) 977-7954 Cybersecurity Challenges We are rapidly

585 views • 12 slides
Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives:

Presented by: Islanders Bank Cybersecurity Awareness Cybersecurity Awareness Objectives: Define Cybersecurity & why its important Provide information about Dept. Homeland Security Cybersecurity Campaigns: National

328 views • 22 slides
Clickers, SMART Boards &Wikis Teaching Excellence Center Website:

Clickers, SMART Boards &Wikis Teaching Excellence Center Website:

Teaching Excellence Center Technology Mini-Workshop Clickers, SMART Boards &Wikis Teaching Excellence Center Website: http://www.prin.edu/teachingexcellence See upcoming events Sign up for conferences, workshops and learning

606 views • 21 slides
CYBERSECURITY MATURITY MODEL CERTIFICATION V1.0 PRESENTED TO: DEFENSE ALLIANCE OF NC S&T

CYBERSECURITY MATURITY MODEL CERTIFICATION V1.0 PRESENTED TO: DEFENSE ALLIANCE OF NC S&T

NORTH CAROLINA MILITARY BUSINESS CENTER CYBERSECURITY MATURITY MODEL CERTIFICATION V1.0 PRESENTED TO: DEFENSE ALLIANCE OF NC S&T FORUM 13 FEB 2020 WWW.NCMBC.US What is CMMC? Unified cybersecurity standard for DoD acquisition

390 views • 22 slides
National CyberWatch Center National Cybersecurity Student Association CyberStudents.org National

National CyberWatch Center National Cybersecurity Student Association CyberStudents.org National

National CyberWatch Center National Cybersecurity Student Association CyberStudents.org National Cybersecurity Student Association Agenda Introductions Association Overview Vision Mission Objectives Benefits

498 views • 30 slides
Southwest Prairie Regional Center of Excellence Regional Centers of Excellence In collaboration

Southwest Prairie Regional Center of Excellence Regional Centers of Excellence In collaboration

6/21/2018 Regional Centers of Excellence In partnership with the Minnesota Department of Education Southwest Prairie Regional Center of Excellence Regional Centers of Excellence In collaboration with six Minnesota Service Cooperatives, the

473 views • 5 slides
Future Plans for the DUNE Beam Group Laura Fields and Zarko Pavlovic 1 8 Feb 2018 Introduction

Future Plans for the DUNE Beam Group Laura Fields and Zarko Pavlovic 1 8 Feb 2018 Introduction

Future Plans for the DUNE Beam Group Laura Fields and Zarko Pavlovic 1 8 Feb 2018 Introduction This group has been on hiatus since August 2017 And is now under new leadership (welcome Zarko!) During the hiatus, a major beam design

737 views • 16 slides
Call to Order January 15, 2015 Welcome and Introductions Guests: Michael Finnegan, Student

Call to Order January 15, 2015 Welcome and Introductions Guests: Michael Finnegan, Student

Call to Order January 15, 2015 Welcome and Introductions Guests: Michael Finnegan, Student Representative for Issac Ortega Welcome and Introductions Lynn Nadel, Ph.D., Chair UA/AZPM Task Force (arriving at 12:40) Deborah Corcoran, Senior

146 views • 11 slides
Math 5490 10/20/2014 Good Science or Bad Science? Math 5490 October 20, 2014 Topics in Applied

Math 5490 10/20/2014 Good Science or Bad Science? Math 5490 October 20, 2014 Topics in Applied

Math 5490 10/20/2014 Good Science or Bad Science? Math 5490 October 20, 2014 Topics in Applied Mathematics: Introduction to the Mathematics of Climate Mondays and Wednesdays 2:30 3:45

217 views • 4 slides
Tropical Pacific decadal variability and the likelihood of a continued global warming hiatus Mat

Tropical Pacific decadal variability and the likelihood of a continued global warming hiatus Mat

Tropical Pacific decadal variability and the likelihood of a continued global warming hiatus Mat Collins et al. @mat_collins Roberts et al. 2015 Estimate forced response by averaging CMIP5 historical simulations (+ test sensitivity to this

532 views • 16 slides
Welcome! October 2020 OC HMIS User Meeting Please enter your agency name in the chat box 1

Welcome! October 2020 OC HMIS User Meeting Please enter your agency name in the chat box 1

Welcome! October 2020 OC HMIS User Meeting Please enter your agency name in the chat box 1 Business vector created by stories - www.freepik.com Agenda 1. Housing Notes 2. Project Performance Reports 3. New HMIS Data Analyst 4. Mercy

724 views • 18 slides
Information Technology Advisory Committee (ITAC) Public Business Meeting August 19, 2019 2

Information Technology Advisory Committee (ITAC) Public Business Meeting August 19, 2019 2

Information Technology Advisory Committee (ITAC) Public Business Meeting August 19, 2019 2 Administrative Matters Open Meeting I. Call to Order, Roll Call Approve Minutes June 21, 2019 July 10, 2019 DRAFT Minutes are

842 views • 65 slides
Assessment Subcommittee: Updates Looking Ahead: Assessment Timeline Faculty governance

Assessment Subcommittee: Updates Looking Ahead: Assessment Timeline Faculty governance

10/11/2010 Welcome & Overview of Workshop Assessment Academy Curriculum Mapping Workshop Part 1 1. ASC Activities & Goals Friday, October 8, 2010 2. Overview of PLO Workshops (Spring 2010) 2:00 pm 4:00 pm 3. Alignment &

209 views • 6 slides
Sin, Deception & the Corruption of Science: A Look at the So-Called Climate Crisis Charles

Sin, Deception & the Corruption of Science: A Look at the So-Called Climate Crisis Charles

Sin, Deception & the Corruption of Science: A Look at the So-Called Climate Crisis Charles Clough Retired Chief, US Army Atmospheric Effects Team, Aberdeen Proving Ground, MD President, Bible Framework Ministries Bible

630 views • 37 slides

More recommend