The Trusted CI Framework provides a structure for organizations to establish, improve, and evaluate their cybersecurity programs. The framework empowers organizations to confront their cybersecurity challenges from a mission-oriented, programmatic, and full organizational lifecycle perspective.
The Trusted CI Framework is structured around 4 Pillars that support a cybersecurity program: Mission Alignment, Governance, Resources, and Controls. Composing these pillars are 16 Musts that identify the concrete, critical requirements for a competent cybersecurity program. The 4 Pillars and the 16 Musts make up the “Framework Core,” which is designed to be applicable in any environment and for any organization.
On March 1, Trusted CI published the first Framework Implementation Guide (FIG). This FIG is designed for use by research cyberinfrastructure operators, including, but not limited to, major research facilities, research computing centers, and major computational resources supporting research computing. It has been reviewed by our Framework Advisory Board, a diverse group hailing from the Research and Higher Education communities, and their comments have been incorporated in the published document. The FIG chapters provide roadmaps toward a mature cybersecurity program and advice on potential challenges. Tools and templates are provided to assist cybersecurity program implementation.
This session provides an overview of the Trusted CI Framework and the guidance and tools in the FIG.