REQUEST FOR PROPOSALS Subject Matter Expert(s) for Research Vetting, Individual Cybersecurity, and Knowledge Security Training for Ukrainian Scientists, Technicians, and Engineers
Deadline: 20 December 2022
The ISTC is seeking subject matter expert(s) (SMEs) to aid in the development of curriculum for Ukrainian scientists, technicians, and engineers (STEs) focused on research vetting, individual cybersecurity, and knowledge security training. The ultimate goal for this curriculum is to provide course participants with the skills to (1) protect their sensitive dual-use relevant knowledge, including both tangible (written) and intangible (unwritten) knowledge; (2) maintain responsible science, scientific ethics, and individual cybersecurity best practices while being engaged by potential funders and collaborators of unknown origin; (3) utilize publicly available tools and techniques to conduct thorough risk assessments and vetting of potential partners and research and/or temporary employment opportunities; and (4) prevent the transfer of their sensitive technology and safeguard their intellectual property. This curriculum will be used in the execution of a hybrid, three-day workshop for Ukrainian STEs who have been displaced or their research/livelihood disrupted due to the Russian invasion of Ukraine.
During each workshop, the selected SME(s) will also provide presentations and lead interactive discussions based on their developed curriculum for Ukrainian scientists on how to employ practical knowledge security best practices specifically in their displaced and disrupted circumstances, including how to vet or evaluate a potential research or temporary employment opportunity; how to identify high-risk research collaborations that could be exploited by proliferator states (whose involvement in the project may not be obvious); how to utilize scientific, ethical, and individual cybersecurity best practices in their displaced and disrupted circumstances; and, how to prevent sensitive technology transfers and intellectual property theft (including theft of intellectual property in intangible form, such as know-how). The selected SME(s) will explore with participants how to collaborate virtually with their home institutions and governmental authorities to prevent these experts’ unwitting collaboration with proliferator states.
ISTC is seeking SMEs with experience in:
- RESEARCH/WRITING: SMEs should have experience in and ability to develop curriculum that aids Ukrainian STEs in finding and vetting research opportunities, including using tools available to them to identify red flags that indicate a research risk from a potential proliferator state. This course material and instruction should include an examination of instructive case studies, followed by a demonstration of open-source methods to investigate research institutions, and identify possible illicit affiliations. AND/OR,
- CYBERSECURITY: SMEs should have experience in and ability to develop curriculum that provides Ukrainian STEs with scientific, ethical, and individual cybersecurity best practices in their displaced and disrupted circumstances;
- KNOWLEDGE SECURITTY: SMEs should have experience in how to identify and protect sensitive dual-use research and related scientific knowledge, in both tangible and intangible forms, from inadvertent disclosure to potential proliferator states or other malign actors. SMEs should understand how to prevent sensitive knowledge transfers through publications, presentations, emails, or other exchanges, and how to prevent intellectual property theft (including theft of intellectual property in intangible form, such as know-how). AND,
- DISSEMINATION/TRAINING: SMEs should be able to develop training materials and platforms to disseminate this knowledge to Ukrainian STEs and be able to deliver this training through both in-person and virtual workshop formats.
Tasks and Deliverables:
ISTC is seeking SME(s) which can implement either the whole project OR any portion of the deliverables suited to the SME(s) capabilities and experience. Proposals supporting the whole project are preferred, particularly with options for rapid implementation.
ISTC will consider proposals from both individuals and institutional teams which can support the following tasks and deliverables:
- Develop curriculum and an agenda for a hybrid, three-day course on knowledge security, individual cybersecurity, and research vetting. All course material will be provided to the STCU for review and feedback at least 45 days in advance of each event.
- Deliver a hybrid, three-day workshop, utilizing the developed curriculum, at a location to be determined, engaging at least 25 Ukrainian STEs in-person and the same number in virtual format.
- Provide a one-page project summary, including project goals, and other relevant information, bearing in mind that the estimated engagement dates are in early April 2023.
- Be prepared to provide reach-back support for participants for a duration of one month following the training course (in the form of a learning platform access or direct e-mail communication).
- Attend coordination calls as needed.
- Submit After Action Reports which summarize observations, successes, lessons learned, and recommendations for future programming based on the trainings.
Preferred Contractor Requirements:
- At least five years of relevant experience conducting research, delivering briefings or trainings, and/or implementing policy or capacity-building activities.
- Experience related to research vetting and/or cybersecurity and knowledge security.
- Experience with virtual event, capacity building programs, teaching, and/or leading trainings for international audiences. The webinars will be recorded and distributed after the live event.
- An understanding of the regional political and cultural dynamics in Ukraine and Eastern Europe.
Each proposal must include:
- Statement of Interest and Technical Capabilities, including
- list of recent experience and past performance related to the preferred requirements above
- experience directly addressed (including where there is none) as follows:
- KNOWLEDGE SECURITY
- Cost proposal. Please structure as costs per deliverable and total project cost; OR include hourly rates, labor hour estimates per deliverable, and the total project cost.
- Applicable references regarding the past performance (if available).
The authors of proposals can contact the ISTC to request further information via the dedicated ISTC e-mail (firstname.lastname@example.org). Proposals should be submitted electronically to e-mail (email@example.com ) and must contain “Training in Cybersecurity Knowledge Security for Ukrainian STEs” in the e-mail subject header.