SecureMyResearch at Indiana University

Cybersecurity in academia has achieved significant success in securing the enterprise and the campus community at large through effective use of technology, governance, and education. It has not been as successful in securing the research mission, however, owing to the diversity of the research enterprise, and of the time and other constraints under which researchers must operate. In 2019, Indiana University began developing a new approach to research cybersecurity based on its long experience in securing biomedical research. This resulted in the launch of SecureMyResearch, a first-of-its-kind service to provide cybersecurity and compliance assistance to researchers and stakeholders who support research. It was created not only to be a commonly available resource on campus but also to act as a crucible to test new ideas that depart from or are beyond enterprise cybersecurity practice. Those include baking security into workflows, use case analysis, risk acceptance, researcher-focused messaging, etc. A year later, we have much to share that is encouraging, including use cases, results, metrics, challenges, and stories that are likely to be of interest to those who are beginning to tackle research cybersecurity. We also will be sharing information and advice on a method of communicating the need for cybersecurity to researchers that proved to be highly successful, and other fresh ideas to take home and leverage on your own campus.