Meet Melissa Kimble, ARCSIM’s Research Data Security Analyst

By Iris May-Fleming, Media Intern

In an age where cybersecurity threats are increasing at an alarming rate, the importance of securing sensitive data within research institutions has never been more critical. One individual dedicated to this cause is Melissa Kimble, a Research Data Security Analyst at the University of Maine (UMaine).

As the data security analyst for UMaine’s Advanced Research Computing, Security, and Information Management (ARCSIM) group, “My position is really to help translate cybersecurity needs to researchers, faculty, and staff.” Kimble said. “A lot of researchers need an extra level of protection for their data, whether that’s Department of Defense research, Department of Energy, Department of Health and Human Services, or really any personal data that doesn’t have specific regulatory requirements but we consider sensitive.”  

The journey to her current role has been a winding one. With a background in anthropology and geospatial information science, Kimble found her passion for computer science through her coursework. This led her to pursue a second bachelor’s degree and a subsequent master’s degree. She worked at a tech company briefly as well, which further cemented her interest in computing. “I’ve had a pretty broad interest in computer science,” Kimble explained. “I started out mainly with data science, over time I started emphasizing more data engineering, and the missing piece was cybersecurity. Security sits in the background of all that, but I didn’t focus explicitly on it. I’d always wanted to know more, and now it’s my main focus.” With five years at UMaine pursuing a Ph.D. in spatial information science and engineering,  Kimble has a deep understanding of research at UMaine. She contributed to the NSF EPSCoR RII Track-1 SEANET and Maine-eDNA projects before joining ARCSIM in her current role. 

A typical day for a Research Data Security Analyst involves a wide range of tasks, from contract reviews and consulting to project management and standards development. Recently, Kimble worked with the Information Security Office, the Office of Research Compliance, and the ARCSIM team to develop a foreign travel policy to protect the university’s data while traveling overseas. “A big part of my time is consulting,” Kimble explained. “We don’t charge for security services. Researchers will come in wanting to improve their current security posture, and we develop a plan together to help them get to where they want to go.” This isn’t easy due to the ever-changing landscape of cybersecurity and specificity of different bodies of regulations. Subsequently, Kimble’s work often involves extensive reading and summarizing federal and state regulations to stay informed and prepared for the growing list of cybersecurity requirements. 

“The federal requirements for conducting research have been increasing, especially since the onset of the COVID-19 pandemic,” Kimble explained. With the recent surge in remote work, compliance with federal regulations became increasingly complex. Researchers now have to navigate new requirements related to data security, privacy, and confidentiality. Additionally, some research projects that require on-site access to specialized equipment and facilities face unique challenges. Kimble described the importance of universities prioritizing compliance with federal regulations, ensuring the integrity of their research. She recommends that researchers stay informed about the latest regulatory changes, and to contact ARCSIM if they have any questions. ARCSIM will be conducting at least one security focused seminar per semester going forward to help researchers stay abreast of the evolving cybersecurity environment.