Managing the security risks to scientific instruments, data and cyberinfrastructure is a priority for creating a trustworthy environment for science. Deep experience in understanding cybersecurity and the science being supported is needed. To achieve this, ESnet and the NSF Cybersecurity Center of Excellence are collaborating with research and education community leaders to develop a threat profile for open science to formally capture and benchmark this expertise, allowing other organizations to apply these best practices more broadly.
Organized by Sean Peisert of Berkeley and Michael Dopheide from ESnet and Von Welch and Susan Sons from the NSF Cybersecurity Center of Excellence, a working group of nine scientists and cybersecurity leaders from across the country has been formed to tackle developing the threat profile: Ilkay Altintas (San Diego Supercomputer Center), RuthAnne Bevier (Caltech), James Cuff (Harvard), Rich LeDuc (Northwestern), Pascal Meunier (HUBzero), Reagan Moore (iRods), Stephen Schwab (USC Information Sciences Institute) and Karen Stocks (Scripps Institution of Oceanography).
“Several government and academic organizations involved in cybersecurity policy have built a solid foundation for risk management, but it still takes expert judgment to assess risks for the assets found in the open science community,” said Peisert, who in addition to his role at LBNL is chief scientist for cybersecurity at CENIC . “The goal of this effort is to provide tailored guidance to the science community on the threats to science assets and the consequences of those threats to the science mission. This information will provide a basic knowledge framework to expedite managing those threats for the wide portfolio of open science projects.”