Mark Krenz & Ishan Abhinit – Security Log Analysis
Learn how to collect and analyze system logs to help detect security incidents.
The goal of security log analysis is to more efficiently leverage log collection in order to identify threats and anomalies in your organization. This half-day training will help you tie together various log and data sources to provide a more rounded, coherent picture of a potential security event. It will also help you understand log analysis as a life cycle (collection, event management, analysis, response) that continues to become more efficient over time. Interactive demonstrations will cover both automated and manual analysis using multiple log sources, with examples from real security incidents.
Outcomes:
* Explore how the 4 phases of the log analysis life cycle contribute to a security team’s effectiveness
* Cover how to use lessons learned during each cycle to tune the monitoring and analysis workflow to improve an organization’s operational security footing over time
* Better understand how to leverage various logs for incident response
Anurag Shankar & Ryan Kiser – Building NIST Risk Management Framework for HIPAA and FISMA
This session will familiarize participants with how to tackle HIPAA, FISMA, and NIST 800-171, US regulations that affect research computing.
The regulatory burden flowing downstream from the funding agencies is growing ever more challenging as a worsening cyber landscape forces the government to introduce new privacy and security regulations in response. Ignorance is no longer an option for R&D organizations, even for those that lack the necessary expertise and resources to acquire it. This session is designed especially for them and for others newly initiated, but is also useful generally. It demystifies HIPAA, FISMA, and NIST 800-171, US regulations that affect research computing. It also offers guidance on ways to tackle the various compliance regimes using a NIST risk management framework.
Bob Cowles & Mark Krenz – Developing Cybersecurity Programs for NSF Projects
This tutorial describes Trusted CI’s Framework for cybersecurity programs to protect science projects.
This tutorial presents an overview of the architecture and plans for the Trusted CI Framework. The Framework will describe the requirements for a cybersecurity program to provide researchers with a secure and safe environment. The emphasis of the presentation is on the “musts” associated with the four pillars of such a program:
Igor Sfiligoi and Frank Wuerthwein – Joining the national Cyber Infrastructure through Kubernetes and OSG
EPOC Science Engagement Workshop: Bridging the Technology Gap between Information Technology and the Research Community
This highly interactive workshop, hosted by the NSF CC* funded Engineering and Performance Outreach Center (EPOC) will present a process that can be adopted by CI facilitators at the campus, regional, and national levels to advance the mission of science engagement and fully realize the investments made by the National Science Foundation and Department of Energy Office of Science.
Establishing a process to regularly review network requirements helps to determine the current and future science communication and collaboration needs for numerous communities. The purpose of these reviews is to accurately characterize the near-term, medium-term and long-term network requirements of the science being performed. This approach brings about a network-centric understanding of the science process used by the researchers and scientists, without asking technical questions directly, and derives network requirements from
Workshop Goal: This highly interactive workshop outlines a process that can be adopted by CI facilitators at the campus, regional, and national levels to advance the mission of science engagement and fully realize the investments made in networking and personnel by agencies such as the National Science Foundation and Department of Energy Office of Science.
The topics of this event focus on the intersection of research and technology, in particular the use of high-speed networks. Specifically:
Cyberinfrastructure (CI) Engineering BoF Session
Come and mingle with other technical staff who focus on systems, software, networking, and more on topics related to supporting Cyberinfrastructure. Have a problem (or solution) with regard to perfSONAR, DTNs, or Science DMZ? Come discuss it with other experts in the field. All levels of experience, institution size, or type of scientific use welcome.