Join us for these ResearchSOC webinars and events!
August 4, 2022
Effective Cybersecurity for Research
The tension between cybersecurity and researchers has long hampered attempts to secure research. It is also why institutional cybersecurity efforts in academia have been confined to the most sensitive research. The status quo has persisted for other reasons as well, for instance the complexity of the research environment, but the latest developments in the regulatory and cyber threat landscape are quickly changing it. Funding requirements scoped beyond individual awards and newly evolving threats are pointing to a future where securing research holistically is no longer optional.
This webinar is an overview of the recently published white paper, "Effective Cybersecurity for Research," by William Drake and Anurag Shankar. The white paper describes an approach to cybersecurity for research that is showing great promise in breaking the security versus research impasse. A product of years of effort at Indiana University, it focuses exclusively on the researcher and the research mission, reduces the cybersecurity and compliance burden on the researcher, and aims to secure all research. It has been stress tested on campus, with success evidenced by researchers embracing it voluntarily and research being accelerated measurably.
Join us Thursday, August 4 at 2pm ET.
Register
Past webinars
June
Proxywar-e: detecting malicious code in websites
For the past two years, Duke faculty member David Hoffman, students, and the IT Security Office have partnered with Chris Olsen and the Proxywar-e team to develop a solution to:
- know and mitigate digital attacks targeting Duke
- automatically stop attacks; inform digital entities enabling the attackers via 3rd-party code
- understand and stop the digital attack vector’s impact on our network and endpoints
- simplify attribution for digital attacks
(Recording and presentation slides coming soon)
September
Ransomware: how an evolving business model changed the threat landscape
Ransomware has existed in some form for more than 30 years. In the past 10, it has become an expected part of an attacker’s toolkit for monetizing a compromise. In this webinar, Ryan Kiser discussed the history of ransomware, the evolution of the business model which fuels its growth, how this can inform our defensive strategies, and what easy wins we can accomplish to help us to protect against it.
View the recording
Download the presentation slides
August
Google Drive security: challenges and solutions
This webinar briefly covered the contents of the white paper by Ishan Abhinit and Mark Krenz of Indiana University's Center for Applied Cybersecurity Research (CACR) on security issues related to Google Drive. In this paper, the authors enumerate the security-related issues encountered while using Google Drive and document the solutions that they have adopted for mitigating these issues.
Download the White Paper
View the recording
Download the presentation slides
July
Evolving STINGAR and Threat Intelligence
An important challenge facing security teams is how to accurately and rapidly identify and block attacks. Security teams make use of broad toolkits to defend networks, systems and data, such as antimalware software, anti-phishing appliances, and intrusion protection and detection devices. In more recent years, threat intelligence has played an increasingly important role in protecting the enterprise. Since 2014, Duke has partnered with other higher education entities and research labs to advance the STINGAR project and demonstrate how partners can collaboratively protect themselves from malicious network activity.
View the recording
Download the White Paper
June
We had a great time at EDUCAUSE CPPC! You can see the full list of speakers and topics on our blog.
May
Building a vulnerability management workflow that works, and getting the buy-in to implement it
Subscribing to a vulnerability identification or scanning service is great for network security. But how do you manage the vulnerability data and create a manageable and trackable workflow that doesn't overwhelm staff? How do you measure progress? There is no one-size-fits-all solution. This webinar will provide questions that a higher education or research facility or project cybersecurity team should ask themselves and spur ideas that can be used to frame a solution for vulnerability management that fits their needs.
Download the presentation slides
View the recording
March
Operationalizing the framework: Getting management to understand cybersecurity
Cybersecurity professionals supporting research and higher education understand the value of having a common language with senior management. Published March 1, the Trusted CI Framework Implementation Guide for Research Cyberinfrastructure Operators provides such a common language, which can lead to mutual understanding, shared goals, and mutually agreed-upon action plans and resource allocations. Join Craig Jackson, architect of the Trusted CI Framework, and Susan Sons, Deputy Director of ResearchSOC, as they discuss how to use the Framework to enhance relationships with key stakeholders while driving forward action to improve the overall cybersecurity posture of an organization.
View the recording
Download the presentation slides
February
OmniSOC Year 3 Virtual Event
To celebrate OmniSOC's third year of operations and the opening of OmniSOC membership to the larger research and higher education community, OmniSOC conducted a three-day virtual event.
Selected panels and presentations included:
- "Cybersecurity as we emerge from the pandemic: restoring and evolving" (featured OmniSOC BTAA Founding member CIOs).
- "A SOC supporting scientific research: initial lessons learned and insights from the ResearchSOC experience."
- "OmniSOC infrastructure and threat hunting: how OmniSOC stalks threats."
- "Research opportunities with OmniSOC and ResearchSOC data."
Walk before You Run
Baseline controls and paths to cybersecurity maturity
Are you a seasoned IT pro who’s been tasked with handling security for your organization? Are you a brand-new CISO awash in a sea of security products and vendors? Or maybe you (finally!) received additional resources and management’s approval to “do something” about cybersecurity. Whichever the case, you look out over your environment of legacy systems and hardware, policies, multiple frameworks and compliance requirements and ask yourself:
Where do I begin, and how do I know that’s the right place?
This webinar is about laying the foundation of a cybersecurity program that will mature with your organization for years to come. At the end of this webinar, you’ll understand the logical steps for building that foundation, key tools to use, how to make progress in the face of cultural challenges, and how to put your resources to use where they will have the most impact.
This webinar addressed:
- CIS Top 20 controls: the basics
- How to bring baseline controls to an entrenched organization with legacy systems and infrastructure
- What to put off until a solid foundation is present
Cybersecurity professionals and those with security responsibilities, regardless of experience or the maturity of their program, should find this webinar useful.
View the presentation slides.
Strategies for better incident response
It's not if a cybersecurity incident will happen, it's when. In this webinar, you'll learn key strategies and concepts for more effective incident response to better protect open science projects. This webinar will discuss key concepts and essential components of incident response and incident response planning. Attendees will learn how to develop a customized incident response plan that prioritizes the goals of their organization. This webinar will be most helpful to IT security/operations professionals new to incident response and information security policy development.
View the recording
Download the presentation slides
Stakeholder Management In a Crisis: lessons from a crisis communicator
Incidents happen. The real test of a cybersecurity program is how those incidents are managed when they do happen. Executing well on technical incident response is important, but if stakeholders start to panic, or try to run the process themselves, even a straightforward incident can balloon into a complex crisis. Preventing this takes solid communication and the ability to constantly nudge people with different motivations and points of view toward a common and reasonable direction. Join this ResearchSOC webinar to learn a time-tested stakeholder management method taken from hostage negotiation and how to apply it to incident response. ResearchSOC Deputy Director, cybersecurity incident responder, and volunteer crisis communicator Susan Sons will lead the training.
View the recording
Download the presentation slides
How to select and use operational cybersecurity metrics to make cybersecurity operations more effective
When it comes to cybersecurity programs supporting science projects, how do we know whether we’ve really accomplished anything? How do we keep ourselves honest, and demonstrate to stakeholders the value of our evolving program? This webinar discusses the role of operational metrics in a cybersecurity program: how to select metrics to provide valuable information and avoid perverse incentives, how to gather and use metrics effectively, and how to create a culture of improvement that uses qualitative and quantitative measures to stay on track.
View the recording
Download the presentation slides
How to secure SCADA/ICS systems: strategies that work
SPECIAL GUESTS:
Dr. Stefan Lueders, CERN Computer Security Officer
Mr. Phil Salkie, Managing Member, Jenariah Industrial Automation/TallyEngine
Telescopes. Monitoring systems. Scientific instruments. Centrifuges. Control systems. These SCADA and ICS systems are large, complex, essential, expensive, and too often running highly specialized software, outdated and vulnerable software, or both. Join ResearchSOC's special guests as they bring their unique perspectives to the challenge of securing these systems, and learn proven strategies for improving the security of these types of systems.
View the recording
Download the NSF Summit ICS class notes
Download the presentation notes
How to use security exercises to mature an information security program
Learn to use a regular program of security exercises to probe your infrastructure, program, and incident response for weaknesses and opportunities, then use your home-court advantage to constantly and incrementally improve security posture rather than waiting for disaster to strike. Participants will learn key elements in writing a tabletop security exercise that can test their incident response plans with their home organization. There is no charge for this webinar.
About the presenter
Josh Drake is a senior security analyst with the Center for Applied Cybersecurity Research (CACR). He works on a couple of different NSF-funded projects to mature information security programs. Josh has a 15-year background in network and systems administration.
View the recording
Download presentation slides
Download sample security exercises
Additional webinar resources
Our friends at Trusted CI, the National Science Foundation Cybersecurity Center of Excellence and ResearchSOC's sister organization, also host a series of valuable webinars. We encourage you to view this list of their upcoming webinars.