The document provides an overview of the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) 2.0, which establishes revised standards to…
Cybersecurity
Cybersecurity is critical to protecting research data and information systems from unauthorized access or misuse, ensuring the integrity of federally funded research.
Featured
Security Tomorrow, Today: Cybersecurity Updates from DARPA: June 2025 COGR Meeting
The document summarizes a June 2025 briefing presented COGR by Jesse Watkins, Deputy Director of the Security and Intelligence Directorate at DARPA, and Kris West...
What’s Hot in Cybersecurity & Implications for Institutions: February 2025 Meeting
This document provides an extensive overview of emerging cybersecurity standards and regulatory changes affecting institutions, particularly focusing on the...
Resources
Point of Contact
Kevin Wozniak
Director, Research Security & Intellectual Property
External Links
All Cybersecurity Articles
October 23-24, 2025 COGR Meeting Materials
Slide presentations shared during the October 23-24, 2025 COGR meeting in Washington D.C.
Cybersecurity Implementation and Updates from the University Perspective
The document presents a comprehensive overview of cybersecurity implementation and ongoing updates from the university perspective, focusing particularly on compliance with federal requirements such as the Cybersecurity Maturity Model Certification (CMMC) and NIST standards. Leaders from the University of Virginia (UVA), Johns Hopkins University (JHU), and the University of Pittsburgh shared their
Overview of DOD Cybersecurity Model Certification 2.0 – Updated October 2025
The document provides an overview of the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) 2.0, which establishes revised standards to ensure contractors—including universities working with Controlled Unclassified Information (CUI) or Federal Contract Information (FCI)—appropriately protect sensitive data. CMMC 2.0 simplifies compliance by reducing certification levels from…
COGR’s September 2025 Update
The September 2025 COGR Update provides an overview of recent federal developments affecting U.S. research institutions, including proposed regulatory changes, executive orders, litigation updates, and agency-specific policy shifts impacting research funding, compliance, security, and administration.
Security Tomorrow, Today: Cybersecurity Updates from DARPA: June 2025 COGR Meeting
The document summarizes a June 2025 briefing presented COGR by Jesse Watkins, Deputy Director of the Security and Intelligence Directorate at DARPA, and Kris West, Director of Research Ethics & Compliance at COGR. The presentation focuses on the evolving landscape of cybersecurity requirements for academic institutions, particularly those handling Controlled Unclassified Information (CUI) in p
What’s Hot in Cybersecurity & Implications for Institutions: February 2025 Meeting
This document provides an extensive overview of emerging cybersecurity standards and regulatory changes affecting institutions, particularly focusing on the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) and the proposed updates to the HIPAA Security Rule. It outlines the historical evolution and current structure of CMMC, stressing the increasing requirements for third-
COGR February 2025 Update
The February 2025 COGR Update provides a detailed account of significant regulatory, policy, and administrative changes impacting U.S. research institutions, driven largely by executive orders from the Administration that restrict DEI programs, roll back regulations, and alter research funding and compliance practices. It highlights widespread operational disruptions, legal challenges over reduced
Overview of OSTP Guidelines for Research Security Programs at Covered Institutions
The OSTP Research Security Program Guidelines, released July 9, 2024, establish four required elements for research security compliance—cybersecurity, foreign travel security, research security training, and export control training—at institutions exceeding a $50 million annual federal R&D threshold, with detailed timetables for agency and institutional implementation. The Guidelines promote u
COGR Joins a Multi-Association Response to the Request for Comments to Docket Number DoD–2023–OS–0063 / Regulatory Identifier Number (RIN) 0790–AL49, “Cybersecurity Maturity Model Certification (CMMC) Program”
The collective comments submitted by the American Council on Education (ACE), Association of American Universities (AAU), Association of Public and Land-Grant Universities (APLU), COGR, and EDUCAUSE address the Department of Defense’s proposed updates to the Cybersecurity Maturity Model Certification (CMMC) Program. The associations commend the DoD for recognizing that fundamental research general…
