Helping Scientists Understand Research Cyber Risks

September 25, 2017

recent post on the UC IT Blog makes clear the security threat to University researchers: “Cyber attacks don’t just hit big corporations or governments or hospitals. Anything connected to networks is vulnerable, and that includes research and open science.”

Authors Sean Peisert, Karen Stocks, and Von Welch describe the Open Source Cyber RiskProfile (OSCRP), an online framework to help scientists understand how their research might be affected by cyber attacks. The project is a collaboration between Center for Trustworthy Scientific Cyberinfrastructure, and the Department of Energy’s Energy Sciences Network (ESnet).

Among the surprising findings in the work is how many scientific instruments (beyond traditional servers) are exposed to cyber risks via computer networks. “We were struck by the sheer number of network-connected systems that aren’t traditional computers.”

Research IT consultants can assist researchers with concerns about how to secure their data, their instruments, or other aspects of their workflows. We can also help connect you to other campus groups that assist with security policy and guidelines, and infrastructure providers. Send your questions to research-it@berkeley.edu.

Read the full blog post, or for more on the framework, read  “Mind the gap: Speaking like a cybersecurity pro,” ScienceNode, February 10, 2017.