EP 10 — Idaho National Lab's Robert Roser on Securing America's Nuclear Research Infrastructure

Drawing on his unique background in high-energy physics experimentation, Robert Roser, CISO & Director of Cyber Security at Idaho National Laboratory, offers valuable insights into the parallels between managing complex scientific detectors and securing critical national research infrastructure. He explores the evolving landscape of scientific computing security, from the open science environment of Fermilab to the classified research world of nuclear energy. 

Rob's practical experience implementing zero-trust architecture, managing international collaborations, and navigating federal compliance requirements provides a comprehensive view of modern cybersecurity challenges in sensitive research environments. His candid discussion of AI's impact on both security threats and solutions, particularly in the context of high-performance computing and shadow AI risks, also offers valuable perspective on the future of data protection in scientific research.  

Topics discussed:

• The transition from particle physics to cybersecurity leadership, highlighting transferable skills in managing complex systems and critical operations.
• The evolution of scientific computing security from open science environments to classified research protection at national laboratories.
• Implementation of zero-trust architecture for managing diverse international collaborations while protecting sensitive nuclear research data.
• The challenges of securing high-performance computing infrastructure while maintaining accessibility for legitimate research needs.
• Balancing federal compliance requirements with risk-based security approaches in government-funded research environments.
• The impact of AI on both security threats and defensive capabilities, including advanced phishing and automated security operations.
• Management of shadow AI risks and unauthorized cloud service usage in sensitive research environments.
• Future trends in data protection and infrastructure security, focusing on automation and advanced threat detection.
• Strategies for securing remote access while supporting global scientific collaboration and research initiatives.
• Career advice for aspiring cybersecurity professionals, emphasizing the importance of diverse experiences and continuous learning.