Cybersecurity

The document presents a comprehensive overview of cybersecurity implementation and ongoing updates from the university perspective, focusing particularly on compliance with federal requirements such as the Cybersecurity Maturity Model Certification (CMMC) and NIST standards. Leaders from the…

The document provides an overview of the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) 2.0, which establishes revised standards to ensure contractors—including universities working with Controlled Unclassified Information (CUI) or Federal Contract Information (FCI)...

The September 2025 COGR Update provides an overview of recent federal developments affecting U.S. research institutions, including proposed regulatory changes, executive orders, litigation updates, and agency-specific policy shifts impacting research funding, compliance, security, and administration...

Laws, Policies & Agency Guidance Concerning Research Security This section provides links to statutes, regulations, and other sources of legal requirements related to science and security, links to federal research agency policy and guidance in this area. Resources are grouped in reverse...

The document summarizes a June 2025 briefing presented COGR by Jesse Watkins, Deputy Director of the Security and Intelligence Directorate at DARPA, and Kris West, Director of Research Ethics & Compliance at COGR. The presentation focuses on the evolving landscape of cybersecurity…

This document provides an extensive overview of emerging cybersecurity standards and regulatory changes affecting institutions, particularly focusing on the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) and the proposed updates to the HIPAA Security Rule. It outlines…

The February 2025 COGR Update provides a detailed account of significant regulatory, policy, and administrative changes impacting U.S. research institutions, driven largely by executive orders from the Administration that restrict DEI programs, roll back regulations, and alter research funding…

The OSTP Research Security Program Guidelines, released July 9, 2024, establish four required elements for research security compliance—cybersecurity, foreign travel security, research security training, and export control training—at institutions exceeding a $50 million annual federal R&D…

The collective comments submitted by the American Council on Education (ACE), Association of American Universities (AAU), Association of Public and Land-Grant Universities (APLU), COGR, and EDUCAUSE address the Department of Defense’s proposed updates to the Cybersecurity Maturity Model...

On September 27, 2023, COGR hosted a virtual, interactive workshop to provide an opportunity for members to share information on institutional efforts to comply with research security requirements and how to assess associated costs and institutional burden. The workshop was led by COGR directors and...

Webinar Recording (Log in required): https://cogr.member365.org/sharingnetwork/workspace/view/34

The letter from EDUCAUSE, addressed to the General Services Administration, provides comments on the Federal Acquisition Regulation (FAR) Case 2023–010, specifically regarding the prohibition on the use of ByteDance applications, such as TikTok, within federal contracts and federally funded…

The letter from EDUCAUSE, represented by Senior Advisor Jarret S. Cummings, responds to the NIST’s request for comments on cybersecurity for research and development. EDUCAUSE, an association of over 2,100 colleges, universities, and related organizations focused on advancing higher education…

The document provides a comprehensive overview of current key issues and developments in cybersecurity as they pertain to higher education and federal contracting environments. It summarizes presentations from experts such as Kimberly Milford and Jarret Cummings, who outline the evolution and…

Slide presentations shared during the October 23-24, 2025 COGR meeting in Washington D.C.

Slide presentations shared during the October 23-24, 2025 COGR meeting in Washington D.C.

Slide presentations shared during the October 23-24, 2025 COGR meeting in Washington D.C.

Slide presentations shared during the October 23-24, 2025 COGR meeting in Washington D.C.

Slide presentations shared during the October 23-24, 2025 COGR meeting in Washington D.C.

Slide presentations shared during the October 23-24, 2025 COGR meeting in Washington D.C.

Slide presentations shared during the October 23-24, 2025 COGR meeting in Washington D.C.

This document outlines the increasing federal scrutiny on inappropriate foreign influence in U.S. academic research and offers practical considerations for institutions to develop effective research security responses. Triggered by concerns such as undisclosed foreign funding, participation in…

This letter provides association comments regarding changes proposed to Part 401 Rights to Inventions Made by Nonprofit Organizations and Small Business Firms Under Government Grants Contracts and Cooperative Agreements.

The document summarizes a panel discussion on the institutional experiences of universities with the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC), highlighting perspectives from UC San Diego, Purdue University, and Indiana University. The discussion addresses recent DoD…

The letter, jointly submitted by the Council on Governmental Relations (COGR), EDUCAUSE, the Association of American Universities (AAU), the Association of Public and Land-grant Universities (APLU), and the American Council on Education (ACE), articulates deep concerns regarding the Department of…

The document is a comprehensive overview of key issues on research security and intellectual property management discussed during a panel convened by the Council on Governmental Relations (COGR) on October 22, 2020, featuring experts from leading research universities. The panelists addressed…

The document is a formal letter dated September 1, 2020, from four major academic organizations—EDUCAUSE, the Council on Governmental Relations (COGR), the Association of American Universities (AAU), and the Association of Public and Land-grant Universities (APLU)—addressed to Ellen M. Lord, Under…

The document summarizes a panel discussion on ongoing challenges related to foreign influence and research security in the U.S. research enterprise, with contributions from senior representatives of government agencies, academic associations, and universities. Key topics include updates from the…

The document provides an update on several key initiatives and regulatory changes impacting research security and intellectual property management, primarily within the context of federally funded research in the United States. It outlines the ongoing redevelopment of the iEdison system, which…

The document outlines recent developments and ongoing discussions concerning contracts and intellectual property at U.S. academic and research institutions, with a particular focus on the influence of foreign entities. It details the increasing scrutiny from legislative and federal agencies…

The joint letter from the Association of American Universities (AAU) and the Council on Governmental Relations (COGR) to the National Institute of Standards and Technology (NIST) addresses concerns regarding the draft NIST Special Publication 800-171, which outlines security requirements for…

COGR and AAU sent a joint letter regarding the revised draft guidance concerning controlled unclassified information (CUI) to the National Institute of Standards and Technology which was outlined in NIST Special Publication 800-171.