Educause Security Discussion mailing list archives
NSF CCoE and ESnet WG seek comment on Open Science Cyber Risk Profile
From: Von Welch <von () VONWELCH COM>
Date: Mon, 31 Oct 2016 12:56:32 -0400
All, Please see the following joint announcement from ESnet and the NSF Cybersecurity Center of Excellence on a joint project to profile open science cyber risks. An initial draft has been made public and we welcome any feedback. Best, Von -- Von Welch Director, Center for Trustworthy Scientific Cyberinfrastructure Director, Center for Applied Cybersecurity Research Pervasive Technology Institute / Indiana University vwelch () iu edu <mailto:vwelch () iu edu> / 812-856-0363 / trustedci.org <http://trustedci.org/>
Begin forwarded message: From: Von Welch <no-reply () blogger com <mailto:no-reply () blogger com>> Subject: [ctsc-discuss-l] [Center for Trustworthy Scientific Cyberinfrastructure (CTSC) Blog] Working Group on Open Science Cybersecurity Risks Releases First Document Draft for Public Comment Date: October 31, 2016 at 12:00:04 PM EDT To: discuss () trustedci org <mailto:discuss () trustedci org> Reply-To: Von Welch <vwelch () iu edu <mailto:vwelch () iu edu>> Over the past several months, ESnet and the NSF Cybersecurity Center of Excellence collaborated with research and education community leaders to develop a risk profile for open science to formally capture and benchmark this expertise, allowing other organizations to apply these best practices more broadly. Today, the group is releasing its draft Open Science Cyber Risk Profile (OSCRP) and inviting comment from the research community. The OSCRP is designed to help principal investigators and their supporting information technology professionals assess cybersecurity risks related to open science projects. The draft document, along with information on how to comment, can be found at http://trustedci.github.io/OSCRP/ <http://trustedci.github.io/OSCRP/>. Managing the security risks to scientific instruments, data and cyberinfrastructure is a priority for creating a trustworthy environment for science. Assessing, understanding and managing concerns of open science to explicitly capture risks to its integrity and availability, and sometimes also privacy issues, involves making judgments on the likelihood and consequences of risks. Deep experience in understanding cybersecurity and the science being supported is needed to achieve these goals. The group invites comments on the document prior to final publication in early 2017. Longer-term, the document is intended to be a living, community document, being updated as open science computing evolves, and also as new approaches to security arise. About the OSCRP Working Group Organized by Sean Peisert <http://crd.lbl.gov/departments/data-science-and-technology/integrated-data-frameworks/staff/sean-peisert/> and Michael Dopheide <http://es.net/about/esnet-staff/cybersecurity/michael-dopheide/> from ESnet, and Von Welch <https://cacr.iu.edu/about/People/administration/von-welch.php> and Andrew Adams <http://staff.psc.edu/akadams/> from the NSF Cybersecurity Center of Excellence, the working group consists of: RuthAnne Bevier (Caltech) <https://directory.caltech.edu/personnel/thanne>, Rich LeDuc (Northwestern) <http://www.kelleher.northwestern.edu/people/staff/item/rich-leduc>, Pascal Meunier (HUBzero) <https://hubzero.org/members/1292>, Stephen Schwab (USC Information Sciences Institute) <http://www.isi.edu/people/schwab/about> and Karen Stocks (Scripps Institution of Oceanography) <http://orcid.org/0000-0002-1282-300X>, <http://orcid.org/0000-0002-1282-300X>Ilkay Altintas (San Diego Supercomputer Center) <http://swat.sdsc.edu/ilkay/>, James Cuff (Harvard) <http://scholar.harvard.edu/jcuff/home>, Reagan Moore (iRods) <http://wiki.irods.org/index.php/Reagan_Moore>, <http://orcid.org/0000-0002-1282-300X> a <http://orcid.org/0000-0002-1282-300X>nd <http://orcid.org/0000-0002-1282-300X> Warren Raquel (NCSA/UIUC) <http://www.ncsa.illinois.edu/assets/php/directory/contact.php?contact=wraquel>. To follow the activities of the working group, please follow http://blog.trustedci.org/ <http://blog.trustedci.org/>. About the NSF Cybersecurity Center of Excellence • trustedci.org <http://trustedci.org/> The Center for Trustworthy Scientific Cyberinfrastructure (CTSC) is funded as the National Science Foundation’s Cybersecurity Center of Excellence. The mission of CTSC is to improve the cybersecurity of NSF science and engineering projects, allowing those projects to focus on their science endeavors. This mission is accomplished through one-on-one engagements with projects to address their specific challenges; education, outreach, and training to raise the state of security practice across the scientific enterprise; and leadership on bringing the best and most relevant cybersecurity research to bear on the NSF cyberinfrastructure research community. About ESnet • www.es.net <http://www.es.net/> The Energy Sciences Network (ESnet) is an international, high-performance, unclassified network built to support scientific research. Funded by the U.S. Department of Energy’s Office of Science (SC) and managed by Lawrence Berkeley National Laboratory, ESnet provides services to more than 40 DOE research sites, including the entire National Laboratory system, its supercomputing facilities, and its major scientific instruments. ESnet also connects to over 140 research and commercial networks, permitting DOE-funded scientists to collaborate productively with partners around the world. -- Posted By Von Welch to Center for Trustworthy Scientific Cyberinfrastructure (CTSC) Blog <http://blog.trustedci.org/2016/10/oscrp-draft.html> at 10/31/2016 12:00:00 PM
Current thread:
- NSF CCoE and ESnet WG seek comment on Open Science Cyber Risk Profile Von Welch (Oct 31)