ARCSIM bolsters cybersecurity with addition of personnel

The Advanced Research Computing, Security, and Information Management (ARCSIM) group has recently expanded to reflect the enhanced compliance requirements of research work being conducted with the Department of Defense (DoD) Controlled Unclassified Information (CUI). In Fall 2023, Sammy Murphy, an IT Vulnerability Specialist, joined ARCSIM to focus on critical vulnerability management tasks in support of the University of Maine’s Advanced Structures and Composites Center (ASCC), one of the largest research centers within the University of Maine System.

With an increasing number of large, defense related grants being awarded to ASCC, managing security requirements and expectations is becoming a focal point of ARCSIM’s operations. Murphy graduated from UMaine with an interdisciplinary undergraduate degree focused on computer science and communication, and worked at ASCC as a student and then again after graduating. Murphy brings a familiarity and knowledge of ASCC to the ARCSIM team and has recently begun studying to complete a Systems Security Certified Practitioner (SSCP) certification as well.

A significant amount of federal funding awarded to ASCC is contingent on specific cybersecurity requirements. Working closely with Melissa Kimble, Senior Research Data Security Analyst, Murphy supports the IT Infrastructure required for these funding sources by monitoring device logs, threats, and security developments. Murphy explained, “Vulnerabilities can arise in many forms, including within software applications. If it is found that malicious actors are exploiting a certain vulnerability in an application, the application vendor will likely release an emergency security patch. We need to monitor logs, catch that, and patch it right away.” This effort ensures that ASCC meets cybersecurity requirements and that sensitive research data is safeguarded.

Beyond vulnerability management, Murphy’s familiarity and knowledge of ASCC has been instrumental in evaluating existing policies and procedures that affect the center’s cybersecurity posture. This work has resulted in input and oversight of over 35 policies, a multi-stakeholder effort that has been expedited through Murphy’s expertise. These policies and procedures have been adapted to reflect current and pending cybersecurity requirements for the center.   

For Murphy, the best part is collaborating with colleagues on collectively understanding what threats are out there and how those threats can be best addressed and communicated. “Part of what I do is make this information digestible,” remarked Murphy. “It is important that people understand the threat, why we are concerned about it, and how we are addressing it.”

Shane Moeykens, ARCSIM Director, states, “Roles like Murphy’s will only become more important as research across the University of Maine System continues to grow. This growth is contingent on maintaining secure computing environments for research activities and data, and thereby preserving external funding and executing nationally important research activities.”