Cybersecurity

Cybersecurity is critical to protecting research data and information systems from unauthorized access or misuse, ensuring the integrity of federally funded research.

Cybersecurity

Featured

Policy Perspective

Overview of DOD Cybersecurity Model Certification 2.0 – Updated October 2025

The document provides an overview of the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) 2.0, which establishes revised standards to…

Cybersecurity
Science & Security
Event Materials

Security Tomorrow, Today: Cybersecurity Updates from DARPA: June 2025 COGR Meeting

The document summarizes a June 2025 briefing presented COGR by Jesse Watkins, Deputy Director of the Security and Intelligence Directorate at DARPA, and Kris West...

Science & Security
Cybersecurity
Event Materials

What’s Hot in Cybersecurity & Implications for Institutions: February 2025 Meeting

This document provides an extensive overview of emerging cybersecurity standards and regulatory changes affecting institutions, particularly focusing on the...

Cybersecurity
Science & Security

Resources

Policy Perspective 01 Feb, 2024

COGR, EDUCAUSE, and AAU Submit Joint Comment Letter to GSA on Cyber Threat and Incident Reporting & Information Sharing (FAR 2021-017)

EDUCAUSE, COGR, and the Association of American Universities (AAU) submitted comments expressing concern over the scope and impact of the proposed changes in Federal Acquisition Regulation Case 2021-017, which would require all federal contractors—including higher education institutions engaged…

Cybersecurity
Science & Security

Point of Contact

Kevin Wozniak

Kevin Wozniak

Director, Research Security & Intellectual Property

External Links

NIST SP 800-171 Rev. 2
DOD CMMC Resources & Documentation

All Cybersecurity Articles

Filters

14 results
Policy Perspective

Overview of DOD Cybersecurity Model Certification 2.0 – Updated October 2025

The document provides an overview of the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) 2.0, which establishes revised standards to ensure contractors—including universities working with Controlled Unclassified Information (CUI) or Federal Contract Information (FCI)—appropriately protect sensitive data. CMMC 2.0 simplifies compliance by reducing certification levels from…
Cybersecurity
Science & Security
COGR Update

COGR’s September 2025 Update

The September 2025 COGR Update provides an overview of recent federal developments affecting U.S. research institutions, including proposed regulatory changes, executive orders, litigation updates, and agency-specific policy shifts impacting research funding, compliance, security, and administration.
Research Compliance
Intellectual Property & Innovation
Science & Security
COGR Update

COGR February 2025 Update

The February 2025 COGR Update provides a detailed account of significant regulatory, policy, and administrative changes impacting U.S. research institutions, driven largely by executive orders from the Administration that restrict DEI programs, roll back regulations, and alter research funding and compliance practices. It highlights widespread operational disruptions, legal challenges over reduced
Financial Management & Compliance
F&A
Proposals & Awards
Policy Perspective

Overview of OSTP Guidelines for Research Security Programs at Covered Institutions

The OSTP Research Security Program Guidelines, released July 9, 2024, establish four required elements for research security compliance—cybersecurity, foreign travel security, research security training, and export control training—at institutions exceeding a $50 million annual federal R&D threshold, with detailed timetables for agency and institutional implementation. The Guidelines promote u
Science & Security
Cybersecurity
Export Controls
Comment Letter
Event Materials
Policy Perspective

COGR Joins a Multi-Association Response to the Request for Comments to Docket Number DoD–2023–OS–0063 / Regulatory Identifier Number (RIN) 0790–AL49, “Cybersecurity Maturity Model Certification (CMMC) Program”

The collective comments submitted by the American Council on Education (ACE), Association of American Universities (AAU), Association of Public and Land-Grant Universities (APLU), COGR, and EDUCAUSE address the Department of Defense’s proposed updates to the Cybersecurity Maturity Model Certification (CMMC) Program. The associations commend the DoD for recognizing that fundamental research general…
Cybersecurity
Science & Security
Research Data & Access Policies
Policy Perspective
Comment Letter

COGR, EDUCAUSE, and AAU Submit Joint Comment Letter to GSA on Cyber Threat and Incident Reporting & Information Sharing (FAR 2021-017)

EDUCAUSE, COGR, and the Association of American Universities (AAU) submitted comments expressing concern over the scope and impact of the proposed changes in Federal Acquisition Regulation Case 2021-017, which would require all federal contractors—including higher education institutions engaged in fundamental research—to comply with broad cyber incident reporting and software bill of materials (SB
Cybersecurity
Science & Security
Policy Perspective

COGR’s Releases Paper on “Foreign Influence—Practical Considerations in Developing an Institutional Response”

This document outlines the increasing federal scrutiny on inappropriate foreign influence in U.S. academic research and offers practical considerations for institutions to develop effective research security responses. Triggered by concerns such as undisclosed foreign funding, participation in foreign government talent programs, and intellectual property theft—especially with a focus on China—U.S.
Foreign Contracts & Gift Reporting
Cybersecurity
Conflict of Interest/Commitment
Comment Letter
Policy Perspective

Joint Association Comments on NIST NPRM Proposed Changes to Part 401 and 404

Document
Cybersecurity
Other Science & Security
Disclosure Requirements
Policy Perspective

Institutional Experiences with CMMC: February 2021 Meeting

The document summarizes a panel discussion on the institutional experiences of universities with the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC), highlighting perspectives from UC San Diego, Purdue University, and Indiana University. The discussion addresses recent DoD regulatory changes requiring contractors to achieve at least Level 1 CMMC certification, emphasizing
Cybersecurity
Science & Security