Challenges and Opportunities in Enabling Research from Security, Privacy, and Risk Perspectives

Cybersecurity and privacy are enablers of science, and implementing cybersecurity and privacy initiatives must be a responsibility shared by researchers, institutional leadership, cybersecurity and privacy professionals, IT service providers, and administrative personnel. Understanding research lifecycle and the underlying research data lifecycle is key to developing a coordinated set of infrastructure, services, policies, and procedures for managing and reducing the risks associated with research data, e.g., data loss, and the subsequent reputational or financial impact. We describe the challenges inherent to supporting the research mission and provide recommendations and approaches covering the risk management lifecycle that can help cybersecurity and privacy professionals support research at an R1/R2 institution. Some of the recommendations include establishing working groups to facilitate communication among various stakeholders; developing training and awareness initiatives that focus on change management; and providing simple, integrated platforms and services to researchers to ease adoption. By raising awareness of how research works cradle-to-grave, we aim to equip stakeholders at these institutions with the knowledge and tools to protect intellectual property, facilitate data management, improve publication success rate and funding opportunities, and foster collaboration.