OCTOBER 12 & 13, 2017 WORKSHOP


Federally Funded Research and Development Centers (FFRDC) and universities are increasingly impacted by the rapidly evolving world of IT security, privacy and regulatory compliance. The Cybersecurity Partnership seeks to inform, clarify and initiate hands-on cooperation among the research community. This event is highly recommended for security system administrators, principal investigators, proposal and budget administrators, project managers and staff working to support projects and proposals.


October 12, 2017 [Room Center Green CG1: Proceeding Live Streamed]

                               Mountain Daylight Time [MDT]          

8:30 AM             Networking                    

9:00 AM             Opening Remarks

                             Welcome, Workshop Kick-off, & Introductions: Anke Kamrath - CIO & CISL/NCAR Director      

9:30 AM             Keynote Cybersecurity & FISMA: Ronald Ross, PhD

                             NIST Fellow, FISMA implementation lead. Cross-agency cybersecurity expert         

10:30 AM           Break                 

10:45 AM          Keynote Non-Agency Controlled Unclassified Information Rules: Mark Riddle

                            NARA CUI program manager, co-author NIST SP 800-171            

11:45 AM           Lunch Break [live stream begins again at 1:00 PM MDT]

1:00 PM             Demystifying Cybersecurity Requirements for Research Communities         

                             Panel Leaders: Ron Ross and Mark Riddle   Moderator: Aaron Andersen

                             Daniel Massey, PhD – Prof. University of Colorado / ex-Department Homeland Security

                             Michael Thompson, PhD – NCAR Deputy Director and COO

2:00 PM             Break                      

2:15 PM             Cybersecurity Controls Future – FAR, NIST 800 53 R5 more       

                             Panel Leader: Ron Ross Moderator: Jose Castilleja, UCAR/NOAA ISSO

               Steve Beaty, PhD Metropolitan State University-Denver / ex CIO  

               Susan Ramsey, UCAR/NCAR Cybersecurity Risk Assessor

               Tim Fredrick, ACOM ISSO - NASA program

3:00 PM             Aligning Business Processes with CUI / DFAR Rules       

               Panel Leader: Mark Riddle Moderator: Chris Kennedy, JD – UCAR Privacy Officer

               Gina Taberski, UCAR Contracts

               Shawn Winkelman. UCAR IT Security – Finance and Administration

               Sarah Pritchard, JD – University of Colorado, Deputy General Counsel

4:00 PM             Wrap up

4:30 PM             End of day         


October 13. 2017 [FL2 Small Seminar Room]

Day 2 – Informal Discussions and Next Steps Planning


8:30 AM - Networking

9:00 AM - Partnership Facilitator: Aaron Andersen

What did we learn?

                            What remains unanswered?

                            How do align research missions with FAR, FISMA, PII requirements?

                           Where do we go from here?

9:30 AM - Panel Focus: Legal and Contracts  

"Recognizing, negotiating, and managing regulatory language in contracts."          

10:30 AM - Panel Focus: Principal Investigators, System Administrators and Program Managers

"How to run a program that has research and contractual regulatory requirements."

11:30 AM - Open Forum … Cybersecurity Partnership Next Steps & Call for Action

12:00 PM - Workshop Close