Technology Services staff sat down with new Deputy CIO and Chief Information Security Officer Kim Milford to learn more about her background, strengths, goals, and a bit about her personality.
Can you talk about your background in cybersecurity and privacy?
In 1996 I started my career at a private corporation in Chicago. From there I moved to higher education and worked at the University of Wisconsin – Madison where I experienced protecting data in a university setting with many communities and data types. This was before the days of a lot of compliance regulations. The HIPAA law had just passed when I was there.
Next, I joined the University of Rochester as the Information Security Officer. But as time went on, I decided that the Big 10 was a good fit. I worked for about 15 years at the University of Indiana and enjoyed the challenges and complexities in a variety of roles. In those roles I could solve problems for people and was drawn to the mission.
My most recent position was executive director of REN-ISAC, aiding international members and partners in protecting data, resources, and people. It’s an important service, but I missed the operational component. The University of Illinois offered that.
What appealed to you about the University of Illinois and Technology Services as the next step in your career?
I am originally from downstate Illinois. I appreciated the maturity of what Technology Services is doing. I have done lots of startup activities within cybersecurity. In joining a mature program like this one, the problems are more challenging. I love the aspect of looking at what is new and different in threat protection.
I was impressed by the team during the interview phase and in my first few weeks here. Everyone is helpful and provides great information.
What have you been learning about Technology Services’ role at the university?
We are not trying to do it all at once or alone. We can be successful with intentional partnership. Pockets throughout the university can deliver more based on expertise when we work together versus us being the whole IT shop. There’s a very collaborative spirit here and that’s showing through.
What opportunities do you believe we have in front of us?
In cybersecurity we’ve done a lot of the basics. There’s a chance to demonstrate more value to the university and show how we can lend and leverage strengths for the university community.
Have you identified any challenges you expect to tackle in your first year on the job?
One is regulated research. Working with stakeholders, we’ll have to set up appropriate systems that help researchers meet standards set by the government.
Then there is regulation in general. How can we comply within the university’s strategic framework? We’ll be thinking about the best ways to deliver that. I used to hate compliance because it felt like a checklist. Now it is one of the more interesting parts of our jobs. There has been a lot of growth recently in regulation around privacy. How do we ensure the privacy of data comprehensively, do it ethically, and help students and others understand and be advocates for their privacy?
What are some skills you bring to the job that you hope will be a benefit as the organization continues to work in a competitive and evolving educational environment?
I find it requires a constant view of the big picture. I bring a slow measured approach that runs counter to the pace of technology. I know there is no magic bullet tool that gives us everything. I bring patience in coming up with solutions. You can take short term steps to decrease risks while you build long term solutions.
I value partnering knowing we can’t do it alone. I look forward to that.
And, I have a lot of compliance expertise and can help as we move more into regulated research and address other issues.
What are you excited about as you have begun to meet with members of your team?
I have been so fortunate because I already have a group of colleagues that I am comfortable with, and it feels like the whole team has my back.
What should members of the campus community know about you as a colleague and collaborator?
I like to listen. I will ask questions. I want there to be rich conversation.
What is something that you enjoy in your free time?
I love to travel. A trip to Machu Pichu keeps moving higher up on my travel bucket list. I like its remote location and the physicality of getting there.
I also knit and crochet and like working with yarn generally. I make a lot of stuffed animals. I recently crocheted a Pokémon for my nephew’s son. My mom, grandma, and sister all crocheted. I am a faster crocheter and enjoy both.
What is something you have always wanted to do or learn that you have not yet done?
I want to finally learn to speak another language.
Where do you like to go to get away from it all?
I live in a small Indiana town. I go out on my deck in the evening and look at the lake. It’s a great place to reset.