The WISE Community is proud to announce that the governing principles and approach of the SCI Framework were endorsed by key e-infrastructures for research from Europe and the rest of the world.
SCI (Security for Collaborating Infrastructures) is a framework of best practices and policy standards for security with the goal of facilitating collaboration during and after security incidents. SCI's governing principles cover incident containment, forensics, data protection and risk management and analysis of preventive measures.
The SCI framework is the first output of the WISE Community (Wise Information Security for E-infrastructure), set up in 2015 as a forum for security experts to discuss and share information on risk management, operational security and threat intelligence in the context of e-Infrastructures.
SCI's updated version 2 was officially endorsed during the TNC 2017 event by representatives of EGI, EUDAT, GÉANT, GridPP, PRACE, SURF, WLCG and the USA's XSEDE e-infrastructure.
With this endorsement, the e-infrastructures subscribe to the governing principles and approach of SCI as a medium of building trust and exchanging information in the event of security incidents.
Hannah Short, chair of the WISE Steering Committee, said:
"We are thrilled that SCI will be our first official WISE output. This endorsement shows us that we are on the right track for making information security for collaborating e-infrastructures a little wiser!"
The representatives of the endorsing e-infrastructures and projects also added their view on the SCI framework:
Tiziana Ferrari, technical director of the EGI Foundation:
"We know from our experience of working with 350 federated data centres that collaboration and sharing of expertise is the key to improve security. We are endorsing SCI to provide a more secure environment for EGI users and researchers in general."
Urpo Kaila and Ralph Niederberger, EUDAT's security and deputy security officer:
"EUDAT, as the pan European collaborative data infrastructure, recognizes the immense importance of information security implemented in a trustworthy way among collaborating e-infrastructures."
Paul Drake, chief information and security officer, GÉANT:
"As provider of the terabit backbone network for the research and education community, GÉANT recognises the vital importance of collaboration in security, tools and practices. This initiative demonstrates our commitment to working across e-infrastructures for the benefit of our community."
David Britton, GridPP project leader:
"GridPP welcomes the development of an information security community for the e-infrastructures, and underlines that the present activities by the research and e-Infrastructures should be continued and reinforced."
Florian Berberich, member of the board of directors, PRACE aisbl:
"The contribution of the WISE Security for Collaboration Infrastructures is essential and improves the site and network security of liaising organisations. PRACE welcomes and supports the initiative setup so far and is looking forward to collaborate in the trust framework in the future."
Erik Huizer, SURFnet’s CTO, on behalf of SURF - the Dutch National e-Infrastructure:
“Within research and education cooperation is essential. To enable this, an open and safe infrastructure is needed. The SCI Framework ensures this safety, now and in the future.”
Ian Bird, WLCG project leader:
"The SCI framework has played a key role in defining the collaborative security environment that we rely on in the WLCG. The expansion of this framework by WISE is an evolution that we welcome as we follow the increasing interdependence of infrastructures worldwide."
John Towns, PI and project director XSEDE:
"As research becomes increasingly an international collaborative effort, the SCI trust framework is a critical to allow infrastructures to support cross-infrastructure collaborations in manner that enables managing the inherent operational security risks."
The WISE Community was created in October 2015, following a workshop jointly organised by the GÉANT Special Interest Group on Information Security Management and the ad-hoc Security for Collaboration among Infrastructures group. WISE provides a trusted global framework where security experts can share information on topics such as risk management, experiences about certification processes and threat intelligence.