Kim Milford


Kim Milford serves as Executive Director of the REN-ISAC, working with research and education institutions, partners, and sponsors to provide services and information that allow member institutions to better defend technical environments from cyberthreats.  Ms. Milford oversees administration and operations for the REN-ISAC. Ms. Milford served in several roles leading strategic IT initiatives since 2007 at Indiana University. As Chief Privacy Officer, she coordinated privacy-related efforts,  chaired the Committee of Data Stewards, and directed the work of the University Information Policy Office and IU's IT incident response team. Prior to joining Indiana University, Ms. Milford worked as Information Security Officer at the University of Rochester.  In her position as Information Security Manager at University of Wisconsin-Madison from 1998 - 2005, she assisted in establishing the university's information security department and co-led in the development of an annual security conference.  Ms. Milford provides cybersecurity expertise and presentations at national and regional conferences, seminars and consortia; taught courses on Internet security, and authored/co-authored many articles on the subject.  Ms. Milford has a B.S. in Accounting from Saint Louis University in St. Louis, Missouri and a J.D. from John Marshall Law School in Chicago, Illinois.

EDUCAUSE Publications

  • What's Next for HECVAT
    • Blog

    Version 2 of the HECVAT tool includes a range of accomplishments, changes, and improvements as part of Phase III of the tool’s development, and more activities are planned for 2019.

  • Save Time and Boost Credibility with the HECVAT
    • Blog

    Institutions are using the HECVAT to improve their vendor assessments and procurement processes, and this higher education–specific tool can also help vendors streamline responses and save time.

  • HECVAT and the Crazy Brilliant Idea
    • Blog

    A team of EDUCAUSE, Internet2, and REN-ISAC volunteers has developed a toolkit that helps colleges and universities select vendors that demonstrate information security best practices. This post describes recent collaborative efforts and sets expectations for the HECVAT project's next phase.

EDUCAUSE Presentations