Date Published: August 31, 2023
Comments Due:
Email Questions to:
Author(s)
Connie LaSalle (NIST), Gema Howell (NIST), Leilani Martinez (NIST)
Announcement
To support implementation of the research cybersecurity effort detailed in Section 10229 of the CHIPS and Science Act, NIST is leading an initiative to disseminate and make publicly available resources to help qualifying institutions of higher education identify, assess, manage, and reduce cybersecurity risks related to conducting research.
Informed by community dialogue and an April 2023 Request for Comment, today NIST is publishing this Initial Public Draft of NIST Interagency Report (IR) 8481, Research for Cybersecurity: Findings and Possible Paths Forward.
Institutions of higher education, cybersecurity and privacy professionals, researchers, and any other interested parties are invited to review the draft and provide feedback by October 31, 2023. We encourage you to use this comment template when preparing and submitting your comments.
We appreciate your help! Feedback and comments should be sent via email to cyber4R&D@NIST.gov.
Unmanaged cybersecurity risks can wreak havoc on a community. This is no less true for the U.S. scientific research ecosystem, particularly members of the higher education research community, which can be characterized by its fundamentally open, collaborative culture and web of highly decentralized administrative and research environments. Securing the digital resources that contribute to a thriving higher education research enterprise requires consideration of the threats and vulnerabilities relevant to the community as well as unique mission contexts, cultures, and motivations. This resource is intended to enable institutions of higher education to identify, assess, manage, and reduce cybersecurity risks related to conducting research, as described in Section 10229 of the CHIPS and Science Act.
Unmanaged cybersecurity risks can wreak havoc on a community. This is no less true for the U.S. scientific research ecosystem, particularly members of the higher education research community, which can be characterized by its fundamentally open, collaborative culture and web of highly decentralized...
See full abstract
Unmanaged cybersecurity risks can wreak havoc on a community. This is no less true for the U.S. scientific research ecosystem, particularly members of the higher education research community, which can be characterized by its fundamentally open, collaborative culture and web of highly decentralized administrative and research environments. Securing the digital resources that contribute to a thriving higher education research enterprise requires consideration of the threats and vulnerabilities relevant to the community as well as unique mission contexts, cultures, and motivations. This resource is intended to enable institutions of higher education to identify, assess, manage, and reduce cybersecurity risks related to conducting research, as described in Section 10229 of the CHIPS and Science Act.
Hide full abstract
Keywords
access control; cybersecurity; cybersecurity awareness and education; cybersecurity risk management; controlled unclassified information (CUI); digital identity; higher education; information security; National Initiative for Cybersecurity Education (NICE); NIST Special Publication 800-53; NIST Special Publication 800-171; NIST Risk Management Framework; nonfederal systems; research and education (R&E); research cybersecurity; research security; risk management; safeguarding science; security; workforce
Control Families
None selected
