NSF CCoE and ESnet WG seek comment on Open Science Cyber Risk Profile

[Von Welch <von () VONWELCH COM>]

All,

 Please see the following joint announcement from ESnet and the NSF Cybersecurity Center of Excellence on a joint 
project to profile open science cyber risks. An initial draft has been made public and we welcome any feedback.

Best,

Von
--
Von Welch
Director, Center for Trustworthy Scientific Cyberinfrastructure
Director, Center for Applied Cybersecurity Research
Pervasive Technology Institute / Indiana University
vwelch () iu edu <mailto:vwelch () iu edu> / 812-856-0363 / trustedci.org <http://trustedci.org/>

> Begin forwarded message:
>
> From: Von Welch <no-reply () blogger com <mailto:no-reply () blogger com>>
> Subject: [ctsc-discuss-l] [Center for Trustworthy Scientific Cyberinfrastructure (CTSC) Blog] Working Group on Open 
> Science Cybersecurity Risks Releases First Document Draft for Public Comment
> Date: October 31, 2016 at 12:00:04 PM EDT
> To: discuss () trustedci org <mailto:discuss () trustedci org>
> Reply-To: Von Welch <vwelch () iu edu <mailto:vwelch () iu edu>>
>
> Over the past several months, ESnet and the NSF Cybersecurity Center of Excellence collaborated with research and 
> education community leaders to develop a risk profile for open science to formally capture and benchmark this 
> expertise, allowing other organizations to apply these best practices more broadly. 
>
> Today, the group is releasing its draft Open Science Cyber Risk Profile (OSCRP) and inviting comment from the 
> research community. The OSCRP is designed to help principal investigators and their supporting information technology 
> professionals assess cybersecurity risks related to open science projects. The draft document, along with information 
> on how to comment, can be found at http://trustedci.github.io/OSCRP/ <http://trustedci.github.io/OSCRP/>. 
>
> Managing the security risks to scientific instruments, data and cyberinfrastructure is a priority   for creating a 
> trustworthy environment for science. Assessing, understanding and managing concerns of open science to explicitly 
> capture risks to its integrity and availability, and sometimes also privacy issues, involves making judgments on the 
> likelihood and consequences of risks. Deep experience in understanding cybersecurity and the science being supported 
> is needed to achieve these goals.
>
> The group invites comments on the document prior to final publication in early 2017.  Longer-term, the document is 
> intended to be a living, community document, being updated as open science computing evolves, and also as new 
> approaches to security arise.  
>
> About the OSCRP Working Group
>
> Organized by Sean Peisert 
> <http://crd.lbl.gov/departments/data-science-and-technology/integrated-data-frameworks/staff/sean-peisert/> and 
> Michael Dopheide <http://es.net/about/esnet-staff/cybersecurity/michael-dopheide/> from ESnet, and Von Welch 
> <https://cacr.iu.edu/about/People/administration/von-welch.php> and Andrew Adams <http://staff.psc.edu/akadams/> from 
> the NSF Cybersecurity Center of Excellence, the working group consists of: RuthAnne Bevier (Caltech) 
> <https://directory.caltech.edu/personnel/thanne>, Rich LeDuc (Northwestern) 
> <http://www.kelleher.northwestern.edu/people/staff/item/rich-leduc>, Pascal Meunier (HUBzero) 
> <https://hubzero.org/members/1292>, Stephen Schwab (USC Information Sciences Institute) 
> <http://www.isi.edu/people/schwab/about> and Karen Stocks (Scripps Institution of Oceanography) 
> <http://orcid.org/0000-0002-1282-300X>,  <http://orcid.org/0000-0002-1282-300X>Ilkay Altintas (San Diego 
> Supercomputer Center) <http://swat.sdsc.edu/ilkay/>, James Cuff (Harvard) <http://scholar.harvard.edu/jcuff/home>, 
> Reagan Moore (iRods) <http://wiki.irods.org/index.php/Reagan_Moore>, <http://orcid.org/0000-0002-1282-300X> a 
> <http://orcid.org/0000-0002-1282-300X>nd <http://orcid.org/0000-0002-1282-300X> Warren Raquel (NCSA/UIUC) 
> <http://www.ncsa.illinois.edu/assets/php/directory/contact.php?contact=wraquel>. To follow the activities of the 
> working group, please follow http://blog.trustedci.org/ <http://blog.trustedci.org/>.
>
> About the NSF Cybersecurity Center of Excellence • trustedci.org <http://trustedci.org/>  
>
> The Center for Trustworthy Scientific Cyberinfrastructure (CTSC) is funded as the National Science Foundation’s 
> Cybersecurity Center of Excellence. The mission of CTSC is to improve the cybersecurity of NSF science and 
> engineering projects, allowing those projects to focus on their science endeavors. This mission is accomplished 
> through one-on-one engagements with projects to address their specific challenges; education, outreach, and training 
> to raise the state of security practice across the scientific enterprise; and leadership on bringing the best and 
> most relevant cybersecurity research to bear on the NSF cyberinfrastructure research community.
>
> About ESnet • www.es.net <http://www.es.net/> 
>
>
> The Energy Sciences Network (ESnet) is an international, high-performance, unclassified network built to support 
> scientific research. Funded by the U.S. Department of Energy’s Office of Science (SC) and managed by Lawrence 
> Berkeley National Laboratory, ESnet provides services to more than 40 DOE research sites, including the entire 
> National Laboratory system, its supercomputing facilities, and its major scientific instruments. ESnet also connects 
> to over 140 research and commercial networks, permitting DOE-funded scientists to collaborate productively with 
> partners around the world.
>
>
> --
> Posted By Von Welch to Center for Trustworthy Scientific Cyberinfrastructure (CTSC) Blog 
> <http://blog.trustedci.org/2016/10/oscrp-draft.html> at 10/31/2016 12:00:00 PM