2020 CACR ANNUAL REPORT January 1–December 31, 2020
Cybersecurity leadership in a time of COVID
TABLE OF CONTENTS
About CACR
The IU cybersecurity community
2020 highlights
Leading the nation in cybersecurity
Leading Indiana to a more secure future
Leading IU to help drive discovery
CACR leadership team, staff, and fellows
FROM THE DIRECTOR
Dear friends of the Center for Applied Cybersecurity Research,
When we think back on 2020, we will recall it as the year of COVID-19, working from home, masks and hand sanitizer, and countless Zoom meetings. We will also recall it as a year in which the cybersecurity threat to research and education escalated dramatically. In May, the Wall Street Journal quoted the FBI and the Cybersecurity and Infrastructure Security Agency—the cyber wing of the Department of Homeland Security—that Chinese state actors were targeting American universities and pharmaceutical and other health-care firms in a bid to steal intellectual property related to coronavirus treatments and vaccines, and that the intrusions may be jeopardizing progress on medical research. Ransomware attacks also stalked higher education and research with at least 30 colleges and school districts becoming victims in the first five months of 2020. Known ransom payments exceeded $3.1M, and in June, the University of California San Francisco School of Medicine paid a $1.14M ransom.
Against the backdrop of the global pandemic and its new rules, limitations, and threats, the CACR team and the organizations it leads continued to excel, progressing the work of enhancing cybersecurity for the nation, the state of Indiana, and Indiana University. Trusted CI pivoted to provide needed information on reducing the risk of ransomware attacks, held a COVID-19 issue-centric town hall, and offered priority support to projects supporting COVID-19-related research. The Research Security Operations Center (ResearchSOC) began onboarding three National Science Foundation (NSF) major facilities. The Principles-based Assessment for Cybersecurity Toolkit (PACT) team delivered their cybersecurity assessment in collaboration with Naval Surface Warfare Center, Crane Division (NSWC Crane) and U.S. Coast Guard to the Virginia International Gateway terminal. The state of Indiana engaged CACR to provide election cybersecurity training in advance of the 2020 elections, with officials from 32 counties participating. The newly launched SecureMyResearch team engaged over 90 IU research projects, while CACR staff led outreach efforts to IU students, faculty, and staff to combat Zoombombing.
CACR’s work also continued to catalyze collaborations across IU. Most notably, CACR facilitated IU obtaining a $2.25M CyberCorps Scholarship for Service award, a collaboration between the Luddy School of Informatics, Computing, and Engineering; University Information Technology Services (UITS); Kelley School of Business; and Maurer School of Law. The award will provide students with internship opportunities in CACR, UITS Information Security, and the OmniSOC.
Other collaboration examples abound. The ResearchSOC award pulls together IU operational cybersecurity expertise with faculty from the Luddy School. The PACT project draws on expertise from the IU School of Education. CACR’s collaboration with the Maurer School exposes law students to legal issues in the cybersecurity domain. The new SecureMyResearch project, supported jointly by the IU Office of the Vice President for Information Technology (OVPIT) and the IU Office of the Vice President for Research (OVPR), catalyzes research with cybersecurity and compliance requirements across IU. The CACR Fellows program reaches across five IU schools, IUPUI, and beyond.
In this challenging year, we relied on the collaboration and support of our many partners, Fellows, and supporters for our success. These include the NSF, NSWC Crane, the Department of Homeland Security, IU OVPR, IU OVPIT, an extensive list of partner universities, and IU’s researchers and operational cybersecurity staff.
I cannot speak highly enough about the members of CACR’s staff. They delivered results that would be remarkable in ordinary times; during this year, their performance was simply extraordinary.
As we look to 2021 and beyond, we see a changed world with new challenges and new opportunities. I am proud of CACR’s accomplishments and confident that our service and leadership will meet those challenges and take advantage of those opportunities, and so present our 2020 Annual Report.
Von Welch
Director, CACR
Executive Director for Cybersecurity Innovation
Associate Vice President, Information Security
CACR staff and UITS employees worked hard to meet this year’s challenges and provide crucial cybersecurity support for the nation, state of Indiana, and Indiana University.
CACR’s mission is to provide people with the knowledge and skills they need to manage cybersecurity risks in complex, challenging environments where standard cybersecurity practices do not suffice. It does so through a combination of thought leadership, applied research, training and education, operational services, and extensive interdisciplinary collaboration.
Founded in 2003, CACR is Indiana University’s flagship center for cybersecurity, serving as an integrator for research across the university’s different schools and organizations. CACR is distinctive in addressing cybersecurity from a comprehensive, multidisciplinary perspective. CACR draws on IU’s wide range of scholarly expertise in computer science, informatics, accounting and information systems, criminal justice, law, organizational behavior, and public policy, as well as the extensive practical cybersecurity experience of its operational units. CACR is the only university-level center in the country that involves legal, policy, economic, and behavioral research, along with operational and technical expertise. CACR is a research center affiliated with the Pervasive Technology Institute (PTI) at Indiana University. PTI consists of seven centers and two labs and focuses on improving the quality of life in the state of Indiana and the world through novel research, innovation, and service delivery in information technology and informatics.
Exemplars of CACR work
• Trusted CI: Leadership for the NSF cybersecurity ecosystem
• ResearchSOC: Cybersecurity services for the nation’s greatest research
• PACT: The Principles-based Assessment for Cybersecurity Toolkit for assessing the toughest cybersecurity problems
• PATh: Advancing the nation’s campuses and science communities by bringing together the Center for High Throughput Computing and the Open Science Grid
State
• Election security: Preparation for election officials in all 92 Indiana counties for cybersecurity incidents related to the 2020 general election and beyond
• Security Matters cybercamps: Day camps for K8+ focusing on all things cybersecurity
Indiana University
• Executive director for cybersecurity innovation (EDCI): Leveraging IU’s cybersecurity strengths to address challenges faced across the nation and expanding the role of CACR
• SecureMyResearch: Reducing the cybersecurity burden on researchers while enhancing research data security at IU
• HIPAA compliance: Providing oversight of HIPAA compliance for OVPIT systems
• ASSERT: AI-enabled cybersecurity (Ahmet Okutan and S. Jay Yang at Rochester Institute of Technology): Leading a team evaluating a research prototype application for IU's OmniSOC security operations center
THE IU CYBERSECURITY COMMUNITY
IU has taken a leadership role addressing difficult cybersecurity challenges through its unique operational, research, academic, and workforce development initiatives. CACR is a proud member of the university’s cybersecurity community, which includes:
• OmniSOC
• GlobalNOC
• Trusted CI
• ResearchSOC
• REN-ISAC
• Luddy School of Informatics, Computing, and Engineering
• Kelley School of Business
• Maurer School of Law
• Ostrom Workshop
• University Information Policy Office
• University Information Security Office
It is these programs, and their extensive collaborations, that have made IU an acknowledged “quiet powerhouse” in cybersecurity for higher education and research. Led by Rob Lowden, vice president for information technology and CIO, IU operates one of the most advanced cyberinfrastructures of any university in the world.
• $93.9M in lifetime regional economic impact
• $44.7M in lifetime award dollars
• $82.5M in NSF research utilizing CACR Research Cybersecurity as a Service
• $31M / 90 projects in IU research engaged by SecureMyResearch
• 43 IU groups provided Zoombombing prevention consultation
• 32 Indiana county officials trained in election security
• 3 NSF major facilities onboarded to ResearchSOC
2020 HIGHLIGHTS
Trusted CI offered priority support to COVID-19 science projects, produced blog posts relevant to working from home and increased Zoom use, and hosted a virtual town hall to discuss the pandemic’s impact on the NSF community.
ResearchSOC onboarded three NSF facilities: the National Radio Astronomy Observatory, GAGE/UNAVCO, and the Gemini Observatory.
CACR led anti-Zoombombing outreach efforts to IU student groups and faculty.
SecureMyResearch engaged 90 research projects, providing consulting and ready-made cybersecurity solutions to accelerate research.
The PACT team completed a cybersecurity assessment with NSWC Crane and the U.S. Coast Guard of the Virginia International Gateway terminal.
CACR Director and IU Executive Director for Cybersecurity Innovation Von Welch was appointed acting associate vice president for Information Security (now permanent) and executive director of the OmniSOC.
CACR led an IU team of cybersecurity professionals in training Indiana county election officials to secure the 2020 election (image from December 2019).
CACR supported the cybersecurity community’s virtual conference efforts by sponsoring online “booths” at key conferences.
CACR was selected to provide a team to secure a $22.5M NSF initiative to advance distributed high throughput computing (dHTC) as part of the Partnership to Advance Throughput Computing (PATh).
CACR launched two new initiatives: Virtual Cybersecurity Services and Executive Education Cybersecurity for Leaders (C4L).
LEADING THE NATION IN CYBERSECURITY
CACR continued its ongoing leadership in protecting the cybersecurity of more than $7B in NSF-funded research. CACR is the lead organization for Trusted CI, in collaboration with the National Center for Supercomputing Applications, the Pittsburgh Supercomputing Center, Internet2, Lawrence Berkeley National Laboratory (Berkeley Lab), and the University of Wisconsin–Madison. CACR also leads the ResearchSOC, collaborating with the Pittsburgh Supercomputing Center, Duke University, and the University of California San Diego.
Trusted CI: The NSF Cybersecurity Center of Excellence
Now in its eighth year of service, Trusted CI has been at the forefront of the NSF research community in building a set of technical, policy, and cultural best practices necessary to ensure the security of that infrastructure and ensure the trustworthy nature of the science it produces. Trusted CI has now impacted over 400 NSF projects through its webinars, engagements, and other activities. In 2020, CACR’s Kelli Shute accepted the role of Trusted CI executive director to ensure CACR’s broad team of experts continues to move forward in an effective and coordinated manner.
View the Trusted CI Annual Report at: go.iu.edu/3wcH
Trusted CI has impacted NSF projects across the nation.
NSF Cybersecurity Summit: Promoting collaboration to improve cybersecurity
As the lead organization for Trusted CI, CACR hosted a virtual version of the annual NSF Cybersecurity Summit. Two hundred and eighty-seven individuals attended, representing 142 NSF projects and 16 of the 20 NSF Large Facilities. The total attendance includes a significant increase in student participation, with 27 students attending, up from 10 in 2019. The NSF summit promoted a platform where communities interested in supporting NSF science projects collaborated to address core cybersecurity challenges. In 2020, Kate Starbird, assistant professor of human centered design and engineering, University of Washington, presented the keynote speech, “Disinformation During Crisis Events: The Perfect Storm of COVID-19 and the 2020 Election.”
PACT: Addressing the most demanding environments
The Principles-based Assessment for Cybersecurity Toolkit (PACT) is a tool for assessing the toughest cybersecurity problems. CACR chief policy analysts developed the tool in collaboration with NSWC Crane. As a naval installation, Crane uses technologies that many would consider atypical, and which require custom cybersecurity solutions. Such was the case with the Virginia International Gateway terminal, a high-throughput, high-automation facility. The PACT team delivered their final report for the engagement with the Virginia International Gateway in 2020. In collaboration with the United States Coast Guard, the team incorporated Lieutenant Commander Michael DeVolld, Coast Guard Cyber Command, into the assessment team and received report feedback from eight offices. The team also used encrypted video teleconferences, the Federal Risk and Authorization Management Program cloud environment, and on-site meetings to facilitate discovery.
PACT team at Virginia International Gateway (VIG) terminal before the pandemic
Concluding the SWAMP engagement
In 2020, CACR concluded its work with the Morgridge Institute for Research and the University of Wisconsin on the Software Assurance Marketplace (SWAMP). Funded by the Department of Homeland Security, the SWAMP project was built and executed on the foundation of a commitment to the goal of promoting effectiveness and adoption of software assurance. The project pioneered the concept of “continuous software assurance” and followed a multipronged approach to create an open source, portable, continuous assurance platform that addressed the needs of an evolving ecosystem of software assurance practices. Targeting software developers, tool developers, educators and researchers, the project created an open platform that demonstrated the power of continuous software assurance. The SWAMP public facility and SWAMP-in-the-Box software provided a working blueprint for the architecture and functionality of a continuous assurance capability with the ability to be fully integrated into the software development life cycle. The SWAMP project brought the power of hands-on, continuous software assurance to individual developers, small development groups, classrooms, and training sessions that would not have otherwise been able to access such resources without being in large organizations with well-established software assurance programs.
ResearchSOC: Delivering cybersecurity services to the nation’s greatest research
In 2020, ResearchSOC was fully engaged in onboarding its first clients, the National Radio Astronomy Observatory (NRAO), the Geodetic Facility for the Advancement of Geoscience (GAGE) facility, and the Gemini Observatory. The developing relationship has led to agreement for a CISO advisory for NRAO and exploration of virtual cybersecurity teams for two others.
Launched in October 2018, ResearchSOC is unique in the world—it is the only organization with the mission to provide operational cybersecurity services to NSF-funded facilities and projects, while at the same time seeking to further research in cybersecurity. Funded by a $5M award from the NSF, ResearchSOC helps make scientific computing resilient to cyberattacks and capable of supporting trustworthy, productive research. CACR leads this collaborative effort that brings together existing cybersecurity services and expertise from Indiana University, including the OmniSOC and the Research and Education Networks Information Sharing and Analysis Center (REN-ISAC); Duke University; the Pittsburgh Supercomputing Center; and the University of California San Diego.
ResearchSOC clients GAGE facility, NRAO, and Gemini Observatory
Providing research cybersecurity as a service
Leveraging its experience in providing virtual cybersecurity leadership, expertise, and consulting for scientific research projects, CACR expanded its portfolio of research “cybersecurity as a service” clients. CACR provided cybersecurity leadership and consulting services to the following projects by serving as the projects’ chief information security officers or as cybersecurity consultants providing input on best practices.
OSG, IRIS-HEP, and PATh
The Open Science Grid (OSG), the Institute for Research and Innovation in Software for High Energy Physics (IRIS-HEP), and the Partnership to Advance Throughput computing (PATh) are a set of three closely related research computing projects that have turned to CACR to provide a single security team across the projects to protect their security while supporting the tight integration of services. PATh brings together the Center for High Throughput Computing and the OSG to advance the nation’s campuses and science communities through the use of distributed high throughput computing. The OSG facilitates access to distributed high throughput computing for research in the U.S. and worldwide. IRIS-HEP serves as an active center for software R&D and transforms the operational services required to ensure the success of the Large Hadron Collider.
The Custos project, a collaboration within PTI and led by PTI’s Cyberinfrastructure Integration Research Center (CIRC), provides an innovative integration of major security capabilities needed by science gateways. These include identity management, secrets management for third-party resource integration, and group and sharing management for securely controlling permissions and broader access to the digital object science gateways.
IRIS (RENCI)
CACR continued its partnership with RENCI on the Integrity Introspection for Scientific Workflows (IRIS) project. IRIS automatically detects, diagnoses, and pinpoints the source of unintentional integrity anomalies in scientific workflows executing on distributed computing infrastructure. CACR is supporting IRIS through expert guidance on cybersecurity and privacy challenges. RENCI is a partnership between the University of North Carolina–Chapel Hill, Duke University, and the city of Durham, N.C. RENCI leads a project allowing scientists to share and analyze data across institutional boundaries. The three-year project was funded by a $3M NSF grant.
CACR is contributing its cybersecurity expertise to a three-year, $3M project funded by the NSF. The Infrastructure for Privacy-assured CompuTations (ImPACT) project, led by the Renaissance Computing Institute (RENCI), will allow researchers to focus more fully on science by building a technology infrastructure that supports best practices in moving data, managing data, ensuring security, and preserving privacy.
Facilitating the development of a cyberinfrastructure CoE
Building on its expertise leading the NSF Cybersecurity Center of Excellence, CACR is part of a team awarded a $3M grant to conduct a pilot study for a potential Cyberinfrastructure Center of Excellence (CoE). The goal of this pilot program is to develop a model for a full CoE that will serve the NSF community in developing and operating the software and hardware systems critical to the nation’s research.
During 2020, the pilot team primarily worked with the National Ecological Observatory Network (NEON), an NSF major facility tracking ecological changes across North America. The pilot’s objective during this time was to make improvements to NEON’s operational cyberinfrastructure that would enable NEON to better serve the needs of the environmental research community. As a part of this broader effort, CACR staff assisted NEON in successfully developing and integrating a federated identity management solution for the portal, which is used by researchers to access the data collected by the various ground stations and sensor networks operated by NEON. Lessons learned during this effort will inform future work carried out by the pilot to help NSF projects solve cyberinfrastructure problems.
Drawn from years of experience across multiple projects, the Cybersecurity for Leadership (C4L) initiative is an executive education program designed to provide senior leaders with both an executive-level understanding of cybersecurity and a usable framework for evaluating and managing their cybersecurity challenges. The program was piloted with officials from the United States Virgin Islands in late 2020 with feedback being incorporated into 2021 planning.
Facilitating AI for cybersecurity research
CACR led a team piloting evaluation of a research prototype application designed to highlight collections of indicators, such as alerts, which represent attacker behavior during different types of cyberattacks, including novel attacker behavior. The ASSERT application, a collaboration with Ahmet Okutan and S. Jay Yang at Rochester Institute of Technology, uses theoretical-based measures to perform unsupervised learning from intrusion alerts across platforms. Over time, the system learns to build attack models, which may prove valuable for identifying attacks, determining their potential impact, and predicting future attacker behaviors. CACR worked closely with OmniSOC to validate the methodology and test the research prototype for use at OmniSOC for applicability to SOC workflows. The project used only data OmniSOC aggregated from IU as an exploration of machine learning approaches.
Images above from left to right: Trusted CI town hall in March 2020, CI/CS workshop in August 2020, Trusted CI Fellows panel at NSF Cybersecurity Summit in September 2020, panel on cloud computing at CI/CS workshop
Leading the national conversation
CACR continued its leadership role in providing forums to further the exchange of knowledge and ideas through hosting/co-hosting or conducting workshops at key community events. Even as 2020 saw these events transition to a virtual format, attendance and participation remained strong.
NSF Summit on Cybersecurity and Cyberinfrastructure
In its role as lead organization for Trusted CI, CACR hosted a virtual version of the annual NSF Cybersecurity Summit. There were 287 members in attendance from 142 NSF projects and 16 of 20 NSF Large Facilities, including 27 students.
The CI/CS Workshop: The Community Together
ResearchSOC also co-sponsored and co-hosted the two-day “Cybersecurity and Cyberinfrastructure Workshop: The Community Together” with the Cyberinfrastructure Center of Excellence Pilot project. Over 200 professionals attended.
Trusted CI webinars
In 2020, Trusted CI hosted nine talks with 245 total attendees across 51 NSF projects, and over 700 total views.
Throughout the year, ResearchSOC sponsored six webinars addressing key cybersecurity operational issues, with over 400 total attendees.
The fourth Workshop on Trustworthy Scientific Cyberinfrastructure (TrustedCI@PEARC20)
The Workshop on Trusted Scientific Cyberinfrastructure at PEARC20 provided an opportunity for sharing experiences, recommendations, and solutions for addressing cybersecurity challenges in research computing. It included a COVID-19-focused presentation: “Analysis of attacks targeting remote workers and scientific computing infrastructure during the COVID-19 pandemic at NCSA/UIUC.” Held as part of the virtual PEARC event, the workshop provided a forum for information sharing and discussion among a broad range of attendees, including cyberinfrastructure operators, developers, and users. The workshop featured six presentations with over 60 professionals attending.
Cybersecurity engagement in a research environment workshop
In December, ResearchSOC held a free workshop addressing the challenges of providing cybersecurity for research projects in higher education. The “Cybersecurity Engagement in a Research Environment” workshop was a training and development opportunity for researcher-facing cybersecurity professionals. These professionals are responsible for applying standard security operations to the heterogeneous research ecosystem to develop research-specific cybersecurity approaches at their home institutions. Thirty-seven higher education security professionals attended the three-day virtual event.
LEADING INDIANA TO A MORE SECURE FUTURE
In 2020, CACR continued to increase its engagement with the Hoosier state and the value it brings to it. CACR’s initiatives helped to prepare county election officials to secure the 2020 vote and educate Hoosier youth. CACR is also a driver for economic growth in south central Indiana and contributes to southeast Indiana’s job growth, both directly and indirectly.
Bringing resources to the Hoosier state
CACR continues to be a leader in bringing financial resources to south central Indiana. Through CACR’s efforts, this year three awards were received or extended, totaling more than $441,000 of direct new grant funds. Additionally, CACR catalyzed and led IU’s successful efforts to secure the $2.25M CyberCorps student scholarship program award. Over its lifetime, CACR has brought more than $44.7M award dollars to the south central Indiana region. While methods of determining local economic impact vary, an IU Kelley School of Business estimate of the “ripple effect” is $2.10 of positive economic impact for every grant dollar spent, thus making CACR’s lifetime impact on the region more than $93.9M. Moreover, the Indiana Business Research Center at the Kelley School estimates that for every new job directly supported, an additional three jobs are created through ripple effects. With CACR’s growth to 22 employees, an estimated 66 new jobs have been created in the Bloomington and south central Indiana area to date.
Securing the Hoosier vote
In collaboration with the Indiana secretary of state, CACR led an IU team that trained officials from 32 counties in developing and executing cybersecurity incident response plans and playbooks for the 2020 general election. The team disseminated materials and held boot camps around the state for developing incident response plans. They also conducted training on media interaction. The effort included students through the IU Cybersecurity Clinic.
CACR and NSWC Crane: An ongoing partnership
In 2020, CACR and NSWC Crane continued their ongoing partnership that was recognized with the re-signing of the cooperative research and development agreement (CRADA), a follow-on collaboration between NSWC Crane and CACR. The original agreement was executed in 2016. CACR and NSWC Crane continue to seek opportunities to increase collaboration and improve capabilities in the areas of software assurance and trusted artificial intelligence.
Conducting Security Matters Cybercamps
In June 2020 and in partnership with the WonderLab Museum of Science, Health, and Technology in Bloomington, CACR held a virtual Security Matters Cybercamp for middle-school students. The two-day camp’s session topics included network security, cryptography, data forensics, website vulnerabilities, and more. CACR also co-hosted a virtual Security Collaboration Matters Cybercamp for college students with Indiana University’s Center of Excellence for Women & Technology.
Image at right: Security Matters Cybercamp went virtual this summer.
LEADING IU TO HELP DRIVE DISCOVERY
2020 saw CACR providing new opportunities and facilitating key projects to further the university’s research mission while serving as a key force in achieving IU’s strategic objectives.
Fulfilling IU’s strategic plan
CACR continued to meet the challenge presented in IU’s Bicentennial Strategic Plan to “facilitate university-industry collaboration by identifying opportunities to work in areas such as cybersecurity with Indiana defense-related institutions like NSWC Crane and the Indiana National Guard.” The center did so through the growth and maintenance of key partnerships and the completion of key projects, such as the PACT assessment provided to the Port of Virginia.
SecureMyResearch: Safer data, greater breakthroughs
The 2020 SecureMyResearch effort provided IU researchers with consulting and resources to help them protect research data and comply with cybersecurity requirements in grants, contracts, and data use agreements. In 2020, SecureMyResearch conducted over 90 engagements, facilitating over $31 million in research projects. Securing research data, especially meeting new, stricter regulatory and other cybersecurity requirements, is becoming a challenge for both IU researchers and campus units that support research. To help them navigate this complex landscape, CACR, University Information Technology Services (UITS) Research Technologies, and Information Security within the IU Office of the Vice President for Information Technology are partnering to reduce the cybersecurity burden on researchers while enabling improved cybersecurity for IU research projects. SecureMyResearch leveraged the combined expertise of IU’s cybersecurity and compliance experts to weave data security and compliance into the institutional fabric, enhancing both regulated and unregulated data security with a new, workflow-based security framework developed by CACR.
SecureMyResearch service website
Enabling secure health research
In 2020, CACR continued to facilitate the HIPAA compliance effort for UITS. CACR worked with eight new UITS systems and brought seven to completion, passing a rigorous institutional approval process that CACR helped develop. The program leverages the NIST Risk Management Framework (RMF) and NIST 800-53 controls for comprehensivity and provides a single, reusable process for HIPAA and FISMA.
Protecting the (virtual) exchange of ideas
Student and faculty group meetings that moved online in response to the pandemic were subject to disruptive, crude, and malicious interference of their Zoom meetings—a practice known as Zoombombing. CACR led a collaborative outreach effort in response to multiple high-profile Zoombombing incidents at IU, providing proactive training for groups hosting publicly posted meetings. Work was done to publish, consolidate, and update information throughout IU on combating Zoombombing. This information was linked to in mass communications and provided directly to groups identified in outreach efforts. Direct outreach was provided to 43 groups at IU, including student groups and
Leading collaboration across IU CACR’s collaboration within PTI allows it to impact research computing broadly. CACR’s awards continue to build collaborations across IU. The ResearchSOC award pulls together IU operational cybersecurity expertise with faculty from the Luddy School of Informatics, Computing, and Engineering. The Scientific Workflow Integrity with Pegasus (SWIP) project draws on Luddy’s cybersecurity expertise. The PACT project draws on the expertise from the School of Education. CACR’s Fellows program reaches across five IU schools, IUPUI, and beyond.
Facilitating new workforce development programs with CyberCorps CACR played a key role in supporting IU’s successful receipt of a $2.25M CyberCorps student scholarship program. CyberCorps is designed to recruit and train the next generation of cybersecurity professionals to meet the needs of federal, state, local, and tribal governments. The program provides scholarships for cybersecurity undergraduate and graduate (MS or PhD) education funded through grants awarded by the NSF. Plans for CACR CyberCorps internship opportunities in 2021 are in development.
Providing for-credit opportunities for Maurer students Initiated in 2018 as a collaboration between CACR and the IU Maurer School of Law, the CACR-Maurer Student Affiliates program provides law students pursuing the Maurer Cybersecurity Certificate opportunities to work with CACR’s legal experts for a semester, receiving one credit. The students research topics that impact cybersecurity and/or privacy law and develop deliverables (e.g., memos, whitepapers, presentations). Topics have included the California Consumer Privacy Act (CCPA), export control law as applied to research science, and privacy concerns relating to artificial intelligence.
TOP: CACR Fellows represent a wide range of perspectives across IU and beyond. BOTTOM: Students at Luddy School of Informatics, Computing, and Engineering during the 2020-21 school year.
2020 CACR SPEAKER SERIES
The CACR Speaker Series brings cybersecurity experts from across the nation to present their current research and real-world experiences to IU faculty, staff, and students. This year’s series continued virtually. These presentations can yield some exciting collaborations that bring together faculty researchers, students, and even professionals from the private sector.
January 30 Bruce Schneier Securing a world of physically capable computers
February 13 Eva Galperin About the Electronic Frontier Foundation
March 5 Rachana Ananthakrishnan Delivering secure and usable products for the research enterprise
August 27 Kristen Eichensehr The law and politics of cyberattack attribution
September 4 Barbara Simons Voting in the age of COVID-19
October 15 Jens David Ohlin Election interference: International law and the future of democracy
November 5 Duncan Hollis Defending democracies with cybernorms
CACR thanks its partners and co-hosts: Center of Excellence for Women & Technology; Kelley School of Business; Luddy School of Informatics, Computing, and Engineering; Maurer School of Law; and Ostrom Workshop.
AVERAGE ATTENDANCE (live/online)
CACR LEADERSHIP TEAM, STAFF, AND FELLOWS CACR’s chief asset is its knowledgeable and dedicated administration, staff, fellows, and students. CACR prides itself on the professional diversity of its staff, each with unique skills and experiences that contribute to its expertise. CACR staff is made up of people from all disciplines, including computer science, informatics, accounting and information systems, criminal justice, law, organizational behavior, and public policy.
CACR LEADERSHIP TEAM
CACR Director, IU Executive Director for Cybersecurity Innovation, and Associate Vice President for Information Security Von Welch has more than a decade of experience developing, deploying, and providing cybersecurity for private and public sector high-performance computing and distributed computing systems.
Senior Project Manager Kelli Shute serves as executive director of Trusted CI and supports ResearchSOC and CACR’s election security engagement with the state of Indiana. She has more than 15 years of experience leading project teams, primarily in the private sector.
Program Director Craig Jackson focuses on information security program development and governance, cybersecurity assessment design and conduct, legal and regulatory impact on information security and cyber resilience, evidence-based security, and innovative defenses.
Administrative Director Leslee Bohland has more than two decades of experience in management and accounting.
Chief Security Analyst Susan Sons focuses on secure software engineering, ICS/SCADA security, operational security practice for research and development organizations, and security for legacy technologies in high-stakes applications. She serves as information security officer for Open Science Grid and deputy director of the ResearchSOC.
Chief Security Analyst Mark Krenz focuses on cybersecurity operations, research, and education. He has more than two decades of experience in system and network administration and serves as the CISO for the ResearchSOC and deputy CISO of Trusted CI.
Senior Security Analyst Anurag Shankar provides leadership in regulatory compliance (HIPAA, FISMA, and DFARS) and cybersecurity risk management. He has over two decades of experience in providing research computing services and building HIPAA-compliant solutions for biomedical researchers.
Images at left: Von Welch (1), Kelli Shute (2), Craig Jackson (3), Leslee Bohland (4), Susan Sons (5), Mark Krenz (6), Anurag Shankar (7)
CACR staff help manage the daily operations of the center. CACR staff includes administrative, management, and external relations support, as well as security and policy analysts.
Ishan Abhinit | Senior Security Analyst
Emily K. Adams | Principal Security Analyst | CACR CISO
Diana Cimmer | Events & Communications Manager
Adrian Crenshaw | Senior Security Analyst
Austin Cushenberry | IT Support Specialist
Josh Drake | Senior Security Analyst
Will Drake | Senior Security Analyst
Tom Edelberg | Research Associate
Ryan Kiser | Senior Security Analyst
Tori Richardson | Senior Administrative Assistant
Ranson Ricks | Senior Project Manager
Scott Russell | Senior Policy Analyst
Zalak Shah | Senior Security Analyst | Asst. CACR CISO
Mike Stanfield | Senior Security Analyst
TRUSTED CI FELLOWS 2019–20 Trusted CI Fellows empower members of the scientific community with basic knowledge of cybersecurity and the understanding of Trusted CI’s services, and then have them serve as cybersecurity liaisons to their respective communities.
Smriti Bhatt | Texas A&M University-San Antonio
Shafaq Chaudhry | University of Central Florida
Laura Christopherson | RENCI
Tonya Davis | Alabama A&M University
Luanzheng “Lenny” Guo | Pacific Northwest National Laboratory
Matias Carrasco Kind | National Center for Supercomputing Applications
Gabriella Perez | University of Iowa
Jerry Perez | University of Texas at Dallas
Aunshul Rege | Department of Criminal Justice at Temple University
Chrysafis Vogiatzis | North Carolina A&T State University
Songjie Wang | University of Missouri
S. Jay Yang | Rochester Institute of Technology
FELLOWS AND KEY LIAISONS
CACR has more than a dozen Fellows. Each one brings unique insights and connections to the center, allowing it to capitalize on the interdisciplinary strengths of IU and the broader community. Fellows represent a wide range of perspectives, including law, policy, ethics, and informatics.
Mark Bruhn | IU Assurance and Public Safety (retired)
Fred H. Cate | IU Maurer School of Law
Damir Cavar | IU College of Arts and Sciences, Department of Linguistics
Robert Cowles | Brightlite Information Security
Rachel Dockery | IU Maurer School of Law
Arjan Durresi | IUPUI Department of Computer and Information Science
David P. Fidler | IU Maurer School of Law
Grayson Harbour | Faegre Baker Daniels LLP, Indianapolis
Daniel Hickey | IU School of Education
Apu Kapadia | IU Luddy School of Informatics, Computing, and Engineering
L. Jean Camp | IU Luddy School of Informatics, Computing, and Engineering
Asaf Lubin | IU Maurer School of Law
Nicholas Multari | Pacific Northwest National Lab, Washington
Steven Myers | Formerly of IU Luddy School of Informatics, Computing, and Engineering
Scott Orr | IUPUI School of Engineering and Technology
Sagar Samtani | IU Kelley School of Business
Scott J. Shackelford | IU Kelley School of Business
Robert Templeman | Naval Surface Warfare Center, Crane Division
Joseph Tomain | IU Maurer School of Law
XiaoFeng Wang | IU Luddy School of Informatics, Computing, and Engineering
Xukai Zou | IUPUI Department of Computer and Information Science
OTHER IU CYBERSECURITY COMMUNITY MEMBERS
IU Office of the Associate Vice President for Information Security | informationsecurity.iu.edu
GlobalNOC | globalnoc.iu.edu
Hamilton Lugar School of Global and International Studies | hls.indiana.edu
IU Cybersecurity Risk Management Program | cyberrisk.iu.edu
Kelley School of Business | kelley.iu.edu
Luddy School of Informatics, Computing, and Engineering | luddy.indiana.edu
Maurer School of Law | law.indiana.edu
OmniSOC | omnisoc.iu.edu
Ostrom Workshop | ostromworkshop.indiana.edu
REN-ISAC | ren-isac.net
2719 E. Tenth Street, Suite 231, Bloomington, IN 47408 (812) 856-0458 | email@example.com
cacr.iu.edu
CACR is supported at Indiana University by the Office of the Vice President for Information Technology and the Office of the Vice President for Research. CACR is affiliated with the IU Pervasive Technology Institute. Additional support is provided by the National Science Foundation, Department of Defense, Department of Homeland Security, and the Indiana Secretary of State. This report, and all of CACR’s work, is supported by numerous units at Indiana University including the IT Communications Office, the Office of Research Administration, and UITS Finance and Human Resources.