Call for Participation
2024 NSF Cybersecurity Summit
October 7th - 10th ✶ Pittsburgh, PA
It is our pleasure to announce that the 2024 NSF Cybersecurity Summit is scheduled to take place the week of Oct 7, 2024 on the Carnegie Mellon University campus in Pittsburgh, PA.
The final program is still evolving, but we will maintain the mission to provide a format designed to increase the NSF community’s understanding of cybersecurity strategies that strengthen trustworthy science: what data, processes, and systems are crucial to the scientific mission, what risks they face, and how to protect them.
About the Summit
Since 2004, the annual NSF Cybersecurity Summit has served as a valuable part of the process of securing the NSF scientific cyberinfrastructure by providing the community a forum for education, sharing experiences, building relationships, and establishing best practices. The NSF cyberinfrastructure ecosystem presents an aggregate of complex cybersecurity needs (e.g., scientific data and instruments, unique computational and storage resources, complex collaborations) as compared to other organizations and sectors. This community has a unique opportunity to develop information security practices tailored to these needs, as well as break new ground on efficient, effective ways to protect information assets while supporting science. The Summit will bring together leaders in NSF cyberinfrastructure and cybersecurity to build a trusting, collaborative community that addresses the community’s core cybersecurity challenges.
The Summit Program Committee seeks proposals for plenary presentations, workshops, trainings, BoFs, project meetings and poster session submissions.
Proposing Content for the Summit
Proposing a Plenary Presentation
TLP:RED Talks
Proposing a Workshop or Training Session
Birds of a Feather and Project Specific Meeting Proposals
Poster Proposals
Student Program
Notes for First-Time Presenters
Proposing Content for the Summit
There are many ways to contribute to the Cybersecurity Summit. We are open to proposals for live plenary presentations, focused workshops/trainings, project meetings and birds of a feather(BoFs). More specific information on each of those is available below. Submissions can be made using the online form by June 28, 2024. Multiple submissions are allowed but only one may be accepted to allow for a diversity of speakers.
Responses will be announced by July 12, 2024 to ensure adequate planning time for presenters.
We strongly encourage proposals that address topics ranked high by the NSF cyberinfrastructure community. These include:
1. Generative AI for Security
2. Security Management for Open Source Software
3. Zero Trust Architecture
4. Security and Privacy issues when using Generative AI
5. Threats Unique to Research in Cyberinfrastructure
6. Supercomputing/HPC Specific Security Challenges
7. Regulated Research Security, Privacy and Compliance (HIPAA, CMMC, FAR, etc)
8. Cloud Security
9. Network Security and Defense
10. Specialized HPC for Compliance (HIPAA, CUI, DBGap)
Proposing a Plenary Presentation
Please submit brief proposals with a 1-2 page abstract focused on NSF cyberinfrastructure operators’ unmet cybersecurity challenges, lessons learned, and/or significant successes for presentation during the Summit Plenary Session. Plenary talks are limited to 25 minutes in length including time needed for question and answers if desired.
Please note that the Summit supports a ‘hybrid’ model for remote attendees to participate and all plenary talks will be recorded and made available after the event. Proposals should only contain information without sharing restrictions. All plenary presentations should be “TLP:CLEAR“ - Information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:CLEAR information may be distributed without restriction.” We are accepting TLP:RED talks which will not be recorded or streamed. They will be presented in a restricted session, please see more information below under “TLP:RED Talks”.
Submission deadline: June 28, 2024 at 12 am ET
Proposals can be submitted using this online form: https://docs.google.com/forms/d/e/1FAIpQLSfxdOR6jlx1n34Tp96f-OYx1WnhCJZisrfKu6kwGaNldcQkBA/viewform?usp=share_link
Word limit: 1-2 pages
Notification of Acceptance: July 12, 2024
TLP:RED Talks
Sharing experiences and threat intelligence allows our community to learn from our peers. Understanding what happened, how it was resolved, and what could have been done differently helps in refining security strategies and improving incident response plans. The purpose of these talks is to collectively enhance situational awareness and better understand the evolving threat landscape while also strengthening collaboration and trust in the NSF cyberinfrastructure community. To support this effort, we are planning a session for individuals to present TLP:RED talks.
TLP:RED CISA Description:
When should it be used? Sources may use TLP:RED when information cannot be effectively acted upon without significant risk for the privacy, reputation, or operations of the organizations involved. For the eyes and ears of individual recipients only, no further.
How should it be shared? Recipients may not share TLP:RED information with any parties outside of the specific exchange, meeting, or conversation in which it was originally disclosed. In the context of a meeting, for example, TLP:RED information is limited to those present at the meeting. In most circumstances, TLP:RED should be exchanged verbally or in person.
To ensure confidentiality, all attendees must agree to honor restrictions to not share information presented in the TLP:RED session with any outside parties. The scheduling of a TLP:RED session will be determined by the number of responses of the community. Talks can be of varying length (10-50 minutes), to propose a TLP:RED Talk, please complete this form: https://docs.google.com/forms/d/e/1FAIpQLSf71B7nQOI8BM_wGqr8jt3ugIqa_AsjXljnx1VhvNG-q-RjCg/viewform?usp=share_link
Proposing a Workshop or Training Session
Continuing this year, the Summit will accept proposals for Workshops and Trainings seeking to build communities of practice related to the NSF CyberInfrastructure. Please submit brief proposals with an abstract that includes the intended audience, description of what the workshop or training will cover and expected benefits for attendees. Examples may include table top exercises, focused discussions and activities on techniques and skills in a particular field, and collaborative information sharing among security professionals.
Workshops and Trainings will be scheduled to not overlap with the Plenary sessions. They can be of varying length ranging from one hour to a half day (3.5 hours). Workshops can be limited to a specific audience to provide confidentiality. For workshops that intend to limit participation, proposals should include requirements for attendees. For accepted workshops that have admission requirements, members of Trusted CI along with workshop organizers will review workshop registration requests to ensure they meet attendance requirements. Workshop and training organizers may choose to offer either in-person or a hybrid model to include attendees joining remotely via Zoom. Workshop/training organizers are encouraged to offer hybrid sessions (live stream) to maximize participation. This includes running the Zoom (e.g., monitoring the chat, unmuting remote participants, etc.).
Submission deadline: June 28, 2024 at 12 am ET
Proposals can be submitted using this online form: https://docs.google.com/forms/d/e/1FAIpQLSfxdOR6jlx1n34Tp96f-OYx1WnhCJZisrfKu6kwGaNldcQkBA/viewform?usp=share_link
Word limit: 1-2 pages
Notification of Acceptance: July 12, 2024
Birds of a Feather and Project Specific Meeting Proposals
This year we will again be offering Summit attendees to propose Birds of a Feather (BoFs) and Project Specific Meetings.
Birds of a Feather (BoFs): Informal gatherings of like-minded individuals who wish to discuss a certain topic can be 1-2 hours in length. Proposers of BoF sessions should serve as discussion leaders to explore and address challenges for a specific topic. BoF Proposals should be no more than one page in length and include the proposed topic and description, the activity’s intended audience, and its expected benefits.
Project Specific Meetings: The Summit organizers recognize that the summit attracts many people who work remotely on projects with distributed staff (ACCESS, ESNet, OSG, Zeek, Jupyter). Attending a conference presents an opportunity for people who work collectively on a shared project to meet in person. This year we have a number of meeting rooms available for projects to hold working sessions. To request a meeting room, please provide a name and description of the project, number of expected participants and meeting duration (1-2 hours suggested). Requests will be reviewed and scheduled based on room availability.
Submission deadline: June 28, 2024 at 12 am ET
Proposals can be submitted using this online form: https://docs.google.com/forms/d/e/1FAIpQLSfxdOR6jlx1n34Tp96f-OYx1WnhCJZisrfKu6kwGaNldcQkBA/viewform?usp=share_link
Word limit: 1 Page
Notification of Acceptance: July 12, 2024
Poster Proposals
We will be scheduling an event for individuals to present posters in an informal setting. This is an opportunity to disseminate your work with Summit attendees, receive helpful insights and engage others who are interested in the same subject or focus of your work.
To propose a poster, please provide your name, poster title along with an abstract. Details on shipping posters will be provided upon acceptance.
Submission deadline: August 31, 2024
Proposals can be submitted using this online form: https://docs.google.com/forms/d/e/1FAIpQLSd-nEdIuZ1sZJeF_w7BGA5kHtJcimKjWAn-zcqRYi8y1tPErw/viewform?usp=sharing
Word limit: 1 page
Notification of Acceptance: July 12, 2024
Student Program
To support workforce development, the Summit organizers invite several students to attend the Summit in-person. The 2024 NSF Cybersecurity Summit program committee is now accepting applications to the Student Program. Both undergraduate and graduate students may apply. No specific major or course of study is required, as long as the student is interested in learning and applying cybersecurity innovations to scientific endeavors.
Selected applicants will receive invitations from the Program Committee to attend the Summit in-person. Attendance includes your participation in a poster session.
Travel and hotel accommodations will be provided. This includes economy airfare, hotel stay (5 nights), transportation to and from the airport, per diem for meals during travel or not included in the Summit agenda, and other expenses with prior approval.
Students whose applications are declined are welcome to attend the Summit remotely.
The deadline for applications is Friday June 28th at 12 am CDT, with notification of acceptance to be sent by Monday July 29th.
We cannot select applications from students who live outside the United States.
Students can apply online by completing the application form: https://docs.google.com/forms/d/e/1FAIpQLScL5fljASO6R6XWlesQrB5Js3TTx0UlAbuDmbDFDGpVnFzyvQ/viewform
Send questions to students@trustedci.org
Notes for First-Time Presenters
The Summit organizers want to encourage those who have not presented at previous Summits to share their experiences, expertise, and insights with the NSF cybersecurity community. You don’t need to be perfectly polished, you just need to have something to share about your project or facility's experience with information security. Feedback from past Summits show that there is a great deal of interest in “lessons learned” type presentations from projects who’ve faced cybersecurity challenges and had to rethink some things afterwards. We’ve put together a page of tips and ideas for new presenters, including proposal and presentation tips as well as suggested topics. More direct coaching is available upon request.
Additional Call for Participation (CFP) Guidance
The Summit organizers wish to encourage and support participation from throughout the wider NSF community. To further that mission, we’ve provided some information (below) to aid in the preparation of CFP responses. Please don’t hesitate to direct questions to CFP@trustedci.org.
What to Present
The CFP presents an opportunity for the community to make progress on shared challenges identified in prior summits. The organizers especially appreciate proposals that drive this home; however, not every presentation or activity has to be centered around just that topic. Please submit any idea that you think may be relevant to our audience but note that proposals that address community challenges from prior years will be given higher preference.
We strongly encourage proposals that address the topics identified of high interest as outlined in the “Proposing Content for The Summit” section listed above.
How to Build a CFP Response
The proposal you submit will be used in two ways: to tell the organizers about what you plan to present and to be included in the summit findings as a sort of after-action report. It should include:
Session Format: Plenary (Lecture, Panel, Open Format) or workshop
An executive summary/abstract (short description of the topic and content).
Who the presenter(s) is/are.
Either an abstract of the topic or a narrative you’d like to share with the community. (For activities that are not plenary sessions, this may be replaced with a description of the planned activity and the activity’s intended audience.)
Contact information (preferably email) for the presenter(s) in case the organizers have any questions. This can be in a separate note in the email body instead of the proposal itself if presenter(s) don’t wish it to be published.
Expected length of the session/activity. All plenary sessions will be limited to 25 minutes, Plenary Panel proposals may request a 50 minute time slot. Workshops and Trainings can range from one to 3.5 hours. BoFs and BoFs and Project specific meetings are suggested to be 1-2 hours in length.
Intended audience and expected benefits of the proposal
Our community has expressed in the past that many find it helpful if they can download a copy of a presentation’s slides. Therefore we will require all presenters to submit their slides in advance of the summit.
The easiest way to get help/feedback from the organizing committee prior to submitting your final proposal is to create a Google Doc containing your proposal and sending an edit link to CFP@trustedci.org.
Tips for Presenting
There are many different presentation formats that can work well depending on the topic. Consider the following:
Lecture format: The presenter(s) talk to the audience and show slides to support their dialogue, then do a short Q&A session at the end of the presentation.
Panel format: 3-5 persons answer questions offered by a moderator on a specific topic or set of topics, then do a short Q&A with the audience. This tends to work out best when the panel contains people with very different backgrounds or viewpoints, and the moderator is good at keeping folks to the topic and time constraints.
Open Forum format: 2-3 persons answer questions offered by the audience. Works best if there is an extra person gathering questions and presenting them, and if the speakers can keep things succinct so that the presentation keeps moving and many questions get answered.
Hands-on format(workshops/trainings): The presenter(s) walk the audience through a demo or tutorial as the audience follows along on their computers (or on paper, if the topic supports it). If you are doing a training that will have many hands-on activities, consider having more than one presenter, or a presenter plus a helper or two who can go around the room and help participants who get stuck, allowing the group as a whole to move on.