Many research computing providers are currently working to comply with enhanced data security requirements mandated by U.S. funding agencies to protect Controlled Unclassified Information (CUI) and other sensitive data when used on their cyberinfrastructure. The most common data security frameworks include the National Institute of Standards and Technology (NIST) 800-171 for CUI, the Cybersecurity Maturity Model Certification (CMMC) for defense-related CUI, and the Health Insurance Portability and Accountability Act (HIPAA) for health information. Progress toward compliance with these frameworks is a complex and iterative process, and therefore numerous approaches have been undertaken. This panel discussion provides a forum to share information, experiences, and ideas regarding secure HPC.
