The document provides an overview of the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) 2.0, which establishes revised standards to…
Cybersecurity
Cybersecurity is critical to protecting research data and information systems from unauthorized access or misuse, ensuring the integrity of federally funded research.
Featured
Security Tomorrow, Today: Cybersecurity Updates from DARPA: June 2025 COGR Meeting
The document summarizes a June 2025 briefing presented COGR by Jesse Watkins, Deputy Director of the Security and Intelligence Directorate at DARPA, and Kris West...
What’s Hot in Cybersecurity & Implications for Institutions: February 2025 Meeting
This document provides an extensive overview of emerging cybersecurity standards and regulatory changes affecting institutions, particularly focusing on the...
Resources
Point of Contact
Kevin Wozniak
Director, Research Security & Intellectual Property
External Links
All Cybersecurity Articles
COGR, EDUCAUSE, and AAU Submit Joint Comment Letter to GSA on Cyber Threat and Incident Reporting & Information Sharing (FAR 2021-017)
EDUCAUSE, COGR, and the Association of American Universities (AAU) submitted comments expressing concern over the scope and impact of the proposed changes in Federal Acquisition Regulation Case 2021-017, which would require all federal contractors—including higher education institutions engaged in fundamental research—to comply with broad cyber incident reporting and software bill of materials (SB
Session Materials Available: Workshop on Compliance with Research Security Requirements and the Associated Cost of Compliance Survey
On September 27, 2023, COGR hosted a virtual, interactive workshop to provide an opportunity for members to share information on institutional efforts to comply with research security requirements and how to assess associated costs and institutional burden. The workshop was led by COGR directors and members of COGR’s four committees.
Times Up for TikTok—Implications of the Prohibition on ByteDance Covered Application
Webinar Recording (Log in required): https://cogr.member365.org/sharingnetwork/workspace/view/34
COGR Supports EDUCAUSE Response to FAR: Prohibition on a ByteDance Covered Application
The letter from EDUCAUSE, addressed to the General Services Administration, provides comments on the Federal Acquisition Regulation (FAR) Case 2023–010, specifically regarding the prohibition on the use of ByteDance applications, such as TikTok, within federal contracts and federally funded research environments. EDUCAUSE, representing over 2,100 higher education institutions, expresses appreciati
Laws, Policies, & Agency Guidance Concerning Research Security
Laws, Policies & Agency Guidance Concerning Research SecurityThis section provides links to statutes, regulations, and other sources of legal requirements related to science and security, links to federal research agency policy and guidance in this area. Resources are grouped in reverse chronological order (i.e., most recent resources are listed first) under t
COGR Supports EDUCAUSE Response to NIST’s Cybersecurity for R&D Request for Comment
The letter from EDUCAUSE, represented by Senior Advisor Jarret S. Cummings, responds to the NIST’s request for comments on cybersecurity for research and development. EDUCAUSE, an association of over 2,100 colleges, universities, and related organizations focused on advancing higher education through IT, thanks NIST for considering input from the higher education sector and formally submits the co
Hot Topics in Cybersecurity: June 2023 Meeting
The document provides a comprehensive overview of current key issues and developments in cybersecurity as they pertain to higher education and federal contracting environments. It summarizes presentations from experts such as Kimberly Milford and Jarret Cummings, who outline the evolution and present state of federal requirements for safeguarding sensitive but unclassified information, particularl
COGR’s Releases Paper on “Foreign Influence—Practical Considerations in Developing an Institutional Response”
This document outlines the increasing federal scrutiny on inappropriate foreign influence in U.S. academic research and offers practical considerations for institutions to develop effective research security responses. Triggered by concerns such as undisclosed foreign funding, participation in foreign government talent programs, and intellectual property theft—especially with a focus on China—U.S.
Institutional Experiences with CMMC: February 2021 Meeting
The document summarizes a panel discussion on the institutional experiences of universities with the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC), highlighting perspectives from UC San Diego, Purdue University, and Indiana University. The discussion addresses recent DoD regulatory changes requiring contractors to achieve at least Level 1 CMMC certification, emphasizing
