NSF Org:	OAC Office of Advanced Cyberinfrastructure (OAC)
Recipient:	UNIVERSITY OF CALIFORNIA, SAN DIEGO
Initial Amendment Date:	November 1, 2021
Latest Amendment Date:	April 29, 2022
Award Number:	2201028
Award Instrument:	Standard Grant
Program Manager:	Rob Beverly OAC  Office of Advanced Cyberinfrastructure (OAC) CSE  Directorate for Computer and Information Science and Engineering
Start Date:	December 1, 2021
End Date:	January 31, 2024 (Estimated)
Total Intended Award Amount:	$499,781.00
Total Awarded Amount to Date:	$499,781.00
Funds Obligated to Date:	FY 2021 = $313,098.00
History of Investigator:	Carolyn Ellis (Principal Investigator) carolynEllis@asu.edu Erik Deumens (Co-Principal Investigator)
Recipient Sponsored Research Office:	University of California-San Diego 9500 GILMAN DR LA JOLLA CA  US  92093-0021 (858)534-4896
Sponsor Congressional District:	50
Primary Place of Performance:	University of California-San Diego 9500 Gilman Drive La Jolla CA  US  92093-0934
Primary Place of Performance Congressional District:	50
Unique Entity Identifier (UEI):	UYTTZT6G9DT1
Parent UEI:
NSF Program(s):	Cybersecurity Innovation
Primary Program Source:	01002122DB NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s):	7923, 8027, 9102
Program Element Code(s):	802700
Award Agency Code:	4900
Fund Agency Code:	4900
Assistance Listing Number(s):	47.070

ABSTRACT

The daily news clearly shows the increasing threat to safety and privacy of data, personal as well as intellectual property. The Department of Defense modified the DFARS clause to mandate that NIST 800-171 be followed for data classified and marked as CUI in 2017. The next evolution of this program is called Cybersecurity Maturity Model Certification CMMC. Other agencies, for example, Department of Education, have indicated that they are considering following a similar path to safeguard data. While these requirements improve the consistency of data handling between agencies and contractors and grantees, it leaves academic institutions to figure out how to meet such requirements in a cost-effective way that fits the research and education mission of the institution. Most institutions, agencies, and companies act in isolation with one-off contract language to address data security and safeguarding concerns. The Regulated Research Community of Practice (RRCoP) builds a network of people able to help each other in implementing an affordable but effective cybersecurity and compliance program at academic institutions. Even though cybersecurity has a clear and uniform goal of protecting data, a onesize solution does not fit all academic institutions.

Through this project, RRCoP accomplishes 1) Developing cybersecurity training resources that share validated and diverse best-practices. 2) Establishing a leadership training and development program accelerating availability of distributed university resources 3) Developing representation through strategic partnerships with industry and government entities. By supporting this community with development of a community strategic roadmap, regular discussions and workshops, and a repository of generalized and specific resources for handling regulated research programs RRCoP lowers the barrier to entry for institutions handling new regulations.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

Please report errors in award information by writing to: awardsearch@nsf.gov.