CACR’s mission is to provide people with the knowledge and skills they need to manage cybersecurity risks in complex, challenging environments where standard cybersecurity practices do not suffice. It does so through a combination of thought leadership, applied research, training and education, operational services, and extensive interdisciplinary collaboration.
CACR is Indiana University’s flagship center for cybersecurity, serving as an integrator for research across the university’s different schools and organizations. CACR is distinctive in addressing cybersecurity from a comprehensive, multidisciplinary perspective. CACR draws on IU’s wide range of scholarly expertise in computer science, informatics, accounting and information systems, criminal justice, law, organizational behavior, and public policy, as well as the extensive practical cybersecurity experience of its operational units. CACR is the only university-level holistic cybersecurity center in the country, integrating legal, policy, economic, and behavioral research, along with operational and technical expertise.
Recently CACR has played a larger role in the success of the IU research mission and the OmniSOC endeavor. With the support of the Vice President for Research, CACR launched the SecureMyResearch service in 2020. SecureMyResearch builds on CACR’s expertise in leading the NSF Cybersecurity Center of Excellence to provide bespoke consulting to IU’s research community in addressing the cybersecurity challenges of their research. It also serves as a resource to the Office of Research Administration during the pre-award phase of grants and contracts in assessing and negotiating data usage terms. To date, SecureMyResearch has reached a resounding 460 researcher engagements in 100 departments.
In 2020, CACR Director Von Welch assumed the role of executive director of the OmniSOC. Since then, OmniSOC’s clientele has expanded beyond its founding Big Ten members to include a number of NSF research institutions and small schools across the United States. This expansion was enabled by the addition of CACR’s virtual cybersecurity services to OmniSOC’s intrusion detection capabilities—key capabilities to make for a holistic cybersecurity service for small organizations.
CACR continued to be affiliated with the Pervasive Technology Institute (PTI) at Indiana University and welcomed Dr. Beth Plale as its new executive director in the past year. PTI consists of six centers and two labs and focuses on improving the quality of life in the state of Indiana and the world through novel research, innovation, and service delivery in information technology and informatics. CACR collaborates with PTI to bring its operational cybersecurity expertise and broad community connections as competitive advantages to PTI proposals.
Exemplars of CACR work
Trusted CI: Leadership for the NSF cybersecurity ecosystem
ResearchSOC: Cybersecurity services for the nation’s greatest research
PACT: The Principles-based Assessment for Cybersecurity Toolkit for assessing the toughest cybersecurity problems
PATh: Advancing the nation’s campuses and science communities by bringing together the Center for High Throughput Computing and the Open Science Grid
Election security: Preparation for election officials in all 92 Indiana counties for cybersecurity incidents related to the 2020 general election and beyond
Security Matters cybercamps: Day camps for K8+ focusing on all things cybersecurity
Executive director for cybersecurity innovation (EDCI): Leveraging IU’s cybersecurity strengths to address challenges faced across the nation and expanding the role of CACR
SecureMyResearch: Reducing the cybersecurity burden on researchers while enhancing research data security at IU
HIPAA compliance: Providing oversight of HIPAA compliance for OVPIT systems
ASSERT: AI-enabled cybersecurity: Leading a team evaluating a research prototype application (Ahmet Okutan and S. Jay Yang at Rochester Institute of Technology) for IU’s OmniSOC security operations center
About the Indiana University cybersecurity community
Indiana University has taken a leadership position addressing difficult cybersecurity challenges through its unique operational, research, academic, and workforce development initiatives. CACR is a proud member of the university’s cybersecurity community, which includes the OmniSOC security operations center for higher education and research, the CACR-led NSF Cybersecurity Center of Excellence (Trusted CI), and Research Security Operations Center (ResearchSOC). These organizations’ information security activities alone deliver about $7.3 million in annual income—$4.4 million in the form of grant income and $2.9 million from OmniSOC and ResearchSOC services. The impact does not stop there, as the cybersecurity community is also home to invaluable organizations such as the Global Research Network Operations Center (GlobalNOC), Maurer School of Law, Kelley School of Business, Research and Education Networks Information and Analysis Center (REN-ISAC), the IU University Information Policy Office, the IU University Information Security Office, the Ostrom Workshop, and the Luddy School of Informatics, Computing, and Engineering. It is these programs, and their extensive collaborations, that have made IU an acknowledged “quiet powerhouse” in cybersecurity for higher education and research. Led by Rob Lowden, vice president for information technology and CIO, IU operates one of the most advanced cyberinfrastructures of any university in the world.