Dear friends of the Center for Applied Cybersecurity Research,

We will recall 2021 as yet another year with the challenges of COVID-19, hybrid meetings, virtual events, and increasing cybersecurity threats. With these challenges in mind, the CACR team continued to excel, enhancing the practice of cybersecurity for the nation, the state of Indiana, and Indiana University. I am happy to present CACR’s 2021 Annual Report. I include here some examples of CACR’s highlights in this report.

Trusted CI, the Cybersecurity Center of Excellence for the National Science Foundation (NSF) led by CACR, has now impacted 547 NSF projects through its webinars, engagements, and other activities. Trusted CI published the Framework Implementation Guide (FIG) for Research Cyberinfrastructure Operators. Since its publication, the document has been downloaded more than 1,000 times and is being put into practice at some of the nation’s largest research organizations.

The CACR-led Research Security Operations Center (ResearchSOC), which builds on the IU-led OmniSOC, continued increasing the security of the research community with four NSF major facilities as customers.

CACR performed security assessments using the Principles-based Assessment for Cybersecurity Toolkit (PACT) for the HathiTrust Research Center at IU and the NOIRLab NSF major facility.

The CACR-led IU team completed its Indiana election security project in early 2021–an effort that trained more than 30 county officials across the state in developing and executing cybersecurity incident response plans and playbooks to provide election cybersecurity training in advance of the 2020 elections, with officials from 32 counties participating.

The SecureMyResearch service, helping IU researchers with their cybersecurity challenges, achieved rapid service adoption, and is providing support for a quarter of all IU faculty.

CACR organized the Security Speaker Series, with talks co-hosted with the Ostrom Workshop, the Kelley School of Business, the Center of Excellence for Women & Technology, the Maurer School of Law, and the Luddy School of Informatics, Computing, and Engineering.

In partnership with WonderLab and IU’s Center for Excellence for Women & Technology respectively, CACR held two virtual Security Matters Cybercamps. One for middle and high school students was attended by 20 students from across five states, and one for non-STEM undergrads was attended by 16 students.

This report contains details on these accomplishments and others by CACR’s staff. I am very proud of the professional diversity of our staff, each with unique skills and experiences that contribute to its expertise. I also recognize that collaboration with and support of our many partners, Fellows, and supporters are essential for our success. These include the NSF, NSWC Crane, the Department of Homeland Security, IU OVPR, IU OVPIT, an extensive list of IU schools and partner universities, and IU’s researchers and operational cybersecurity staff.

As we look to 2022, we see new challenges and opportunities. I am proud of CACR’s accomplishments and confident that our service and leadership will continue to expand to meet those challenges and take advantage of those opportunities.

Von Welch
Director, CACR
Executive Director for Cybersecurity Innovation
Associate Vice President, Information Security
Indiana University