Call for Participation:

2019 NSF Cybersecurity Summit for Large Facilities and Cyberinfrastructure

October 15-17 ✶ Catamaran Hotel ✶ San Diego, CA

Submissions should be sent to CFP@trustedci.org by Monday, August 12th


It is our great pleasure to announce that the 2019 Summit will take place Tuesday, October 15th through Thursday, October 17th, at the Catamaran Hotel in San Diego, CA. On October 15th, the Summit will offer a full day of information security training tailored for the NSF community. The second and third days will follow a workshop format designed to increase the NSF community’s understanding of cybersecurity strategies that strengthen trustworthy science: what data, processes, and systems are crucial to the scientific mission, what risks they face, and how to protect them.

About the Summit

Since 2004, the annual NSF Cybersecurity Summit has served as a valuable part of the process of securing the NSF scientific cyberinfrastructure by providing the community a forum for education, sharing experiences, building relationships, and establishing best practices.

The NSF cyberinfrastructure ecosystem presents an aggregate of complex cybersecurity needs (e.g., scientific data and instruments, unique computational and storage resources, complex collaborations) as compared to other organizations and sectors. This community has a unique opportunity to develop information security practices tailored to these needs, as well as break new ground on efficient, effective ways to protect information assets while supporting science. The Summit will bring together leaders in NSF cyberinfrastructure and cybersecurity to continue the processes initiated in 2013: Building a trusting, collaborative community, and seriously addressing that community’s core cybersecurity challenges.

The Summit seeks proposals for presentations, breakout and training sessions. It offers opportunities for student scholarships. The Summit also seeks nominations for individuals/groups that have made meaningful contributions to the community and/or have provided leadership.


Proposing Content for the Summit

There are many ways to contribute to the Cybersecurity Summit.  We are open to proposals for full- or half-day training sessions, for plenary presentations, lightening talks and for lunch time table talks.  More specific information on each of those is available below.  Submissions should be sent to CFP@trustedci.org by Monday, August 12th.  Responses should go out by Friday, September 6th to ensure adequate planning time for presenters.

We strongly encourage proposals that address the 2018 Summit findings and recommendations:

  • Building stronger trust communities (sharing information/threats/lessons learned from security events)

  • Cybersecurity metrics: Cybersecurity needs positive or proactive metrics, to move beyond focusing solely on negative events and the risks associated with the lack of cybersecurity and more toward objective assessment cybersecurity program effectiveness

  • Human factors in cybersecurity:  Addressing/understanding the interaction between humans and security, and to explore the possibility of users taking a larger role in security solutions.

  • Machine factors in cybersecurity: Understanding the emerging impacts of Machine Learning and autonomous systems acting in offensive, defensive, and analytical capacities.


Proposing a Plenary Presentation

Please submit brief white papers focused on NSF Large Facilities’ unmet cybersecurity challenges, lessons learned, panel sessions and/or significant successes for presentation during the Summit Plenary Session (October 16&17).  White papers (and presentations) may be in the form of position papers and/or narratives and may be one to five pages in length.

All submitted white papers will be included in the 2019 summit report. The Program Committee will select the most relevant, reasoned, and broadly interesting for presentation. A limited amount of funding is available to assist with travel for accepted submissions.

Submission deadline: August 12th

Submit to: CFP@trustedci.org

Word limit:  400 to 2000 words (~1-5 single spaced pages)

Notification of acceptance: September 6th


Proposing a Training Session

Training may be targeted at technical and/or management audiences, and be half-day or full-day in length.  Areas of interest include, but are not limited to: cybersecurity planning and programs, risk assessment and management, regulatory compliance, identity and access management, data management and provenance, networks security and monitoring, secure coding and software assurance, physical security in the context of information security, and information security of scientific and emerging technologies. The Program Committee will select the most community-relevant and broadly interesting training sessions for presentation during the first day of the summit (Oct 15).

We generally prefer  training sessions with some hands-on or interactive component over those that can be equally well presented in a non-interactive format (e.g. online videos), whether that component is a series of review Q&As, the opportunity to work directly with a piece of software or other tool, or a planning/management activity.

Submission deadline: August 12th

Submit to: CFP@trustedci.org

Word Limit:  600 words

Notification of Acceptance:  September 6th

Proposing a Lightning Talk

Lightning talks are strictly timed 5-minute-max presentations that focus on one concept or present succinct research results. Lightning talks are new to the Summit this year. Five chosen talks will be grouped together for total 30-minute blocks. Areas of interest include, but are not limited to: Incident Response lessons learned, new or emerging cybersecurity technologies, focused research on malicious or defense related activity, soft skills techniques, and unique programs.

Submission deadline: August 12th

Submit to: CFP@trustedci.org

Word Limit:  600 words

Notification of Acceptance:  September 6th


Proposing Table Top Sessions

In past years, the Summit has experimented with other formats for networking and information exchange, such as table-top topics at lunch.  Proposals for such an activity should be 1-2 pages in length and include who would run the activity, the activity’s intended audience, and a description of the activity itself and its expected benefits.

Submission deadline:  August 12th

Submit to: CFP@trustedci.org

Word limit:  400 to 800 words (~1-2 single spaced pages)

Notification of acceptance:  September 6th



Nominations for the Community Leadership Recognition Program

The Summit seeks to recognize outstanding leadership in the cyberinfrastructure and cybersecurity field. These leaders have developed and established the processes and practices for building a trusting, collaborative community, and seriously addressing that community's core cybersecurity challenges in ways that remain relevant, as research technologies and infrastructure evolve and change. More information on the program and how to submit a nomination can be found here: Trustedci.org/leadership2019

Submission deadline:  August 12th

Submit to: CFP@trustedci.org


Information for Students

Each year, the summit organizers invite several students to attend the summit.  Both undergraduate and graduate students may apply, no specific major or course of study required, as long as the student is interested in learning and applying cybersecurity innovations to scientific endeavors. See https://trustedci.org/summit2019/students for more information.


Tips for presenting at the NSF Cybersecurity Summit

Welcome!  The Summit organizers wish to encourage and support participation from throughout the wider NSF community.  To further that mission, we’ve provided some information (below) to aid in the preparation of CFP responses.  Please don’t hesitate to direct questions to CFP@trustedci.org.

What to Present

The CFP presents an opportunity for the community to make progress on shared challenges identified in prior summits .  The organizers especially appreciate proposals that drive this home, however, not every presentation, training session, or activity has to be centered around just that topic.  Please submit any idea that you think may be relevant to our audience but note that proposals that address community challenges from prior years will be given higher preference.

We strongly encourage proposals that address the 2018 Summit findings and recommendations:

  • Building stronger trust communities (sharing information/threats/lessons learned from security events)

  • Cybersecurity metrics: Cybersecurity needs positive or proactive metrics, to move beyond focusing solely on negative events and the risks associated with the lack of cybersecurity and more toward objective assessment cybersecurity program effectiveness

  • Human factors in cybersecurity:  Addressing/understanding the interaction between humans and security, and to explore the possibility of users taking a larger role in security solutions.

  • Machine factors in cybersecurity: Understanding the emerging impacts of Machine Learning and autonomous systems acting in offensive, defensive, and analytical capacities.

How to Build a CFP Response

The proposal you submit will be used in two ways: to tell the organizers about what you plan to present, and to be included in the summit findings as a sort of after-action report.  It should include:

  • An executive summary (short description of the topic and content).

  • Who the presenter(s) is/are.

  • Either a whitepaper discussion of the topic, or a narrative you’d like to share with the community.  (For activities that are not trainings, this may be replaced with a description of the planned activity, any space or equipment needs, and the activity’s intended audience.)

  • Contact information (preferably email) for the presenter(s) in case the organizers have any questions.  This can be in a separate note in the email body instead of the proposal itself if presenter(s) don’t wish it to be published.

  • Expected length of the session/training/activity.  Generally, training sessions are either full- or half-day and plenary sessions are either 30 to 50 minutes depending on the number of accepted talks.

  • Any relevant references (e.g. link to the home page for the project the talk is about, or recommendations for further reading).

Our community has expressed in the past that many find it helpful if they can download a copy of a presentation’s slides.  We ask that all presenters submit their slides in advance of the summit in August or you can email a copy (or a link to where you prefer to host slides) to CFP@trustedci.org.

The easiest way to get help/feedback from the organizing committee prior to submitting your final proposal is to create a Google Doc containing your proposal and sending an edit link to CFP@trustedci.org.  

Tips for Presenting

There are many different presentation formats that can work well, depending on the topic.  Consider the following:

  • Lecture format: The presenter(s) talk to the audience and show slides to support their dialogue, then do a short Q&A time at the end of the presentation.

  • Panel format: 3-5 persons answer questions offered by a moderator on a specific topic or set of topics, then do a short Q&A with the audience. This tends to work out best when the panel contains people with very different backgrounds or viewpoints, and the moderator is good at keeping folks to the topic and time constraints.

  • Open Forum format: 2-3 persons answer questions offered by the audience. This works best if there is an extra person gathering questions and presenting them, and if the speakers can keep things succinct so that the presentation keeps moving and many questions get answered.

  • Hands-on format: The presenter(s) walk the audience through a demo or tutorial as the audience follows along on their computers (or on paper, if the topic supports it). If you are doing a training that will have many hands-on activities, consider having more than one presenter, or a presenter plus a helper or two who can go around the room and help participants who get stuck, allowing the group as a whole to move on.

Whatever format you choose, be sure to engage your audience by making eye contact (with them, not with the slide screen!), showing interest in what you are saying, and not rushing.  Most speakers appear most smooth and practiced when following a general outline they’ve practiced once or twice, rather than trying to read a prepared script verbatim.