Research Cybersecurity

The Research Cybersecurity team facilitates the development and implementation of research-specific data security guidance, policy, and infrastructure, in line with information security policies and procedures.

A particularly important component of these security services is providing researchers support in navigating the cybersecurity technical jargon embedded in federal and state regulatory requirements, as well as requirements prescribed through contracts, grants, or sponsorships.

Areas of Focus

Pre- and post-award review
Researcher-focused solution assessments
Periodic assessments of compliance within secure computing environments
Compliant reaction to information security incidents
Development of System Security Plans (SSPs)
Development and review of Plan of Action and Milestones (POA&M) to identify information system weaknesses, mitigating actions, resources, and timelines for corrective actions
Technical security controls assessments and baseline validations to identify vulnerabilities and correct deficiencies as part of a continuous monitoring program
Campus and system-wide development and implementation of security policies and procedures
Security awareness and training

Important note: Accepting controlled information or restrictions under research agreements may require the use of Technology Control Plans (TCP) or heightened cybersecurity. Typically, this would be identified through review of an agreement through either the Office of Research Administration (ORA) or Department of Industrial Cooperation (DIC), however – if you accept or anticipate accepting controlled information and are not already working with ORA or DIC (such as through a conference or loose collaboration), contact the Office of Research Compliance to request a review.