At SEMICON West, imec leaders Tom Palmaers and Giselle Van Tornout addressed a seldom-discussed but deeply consequential reality: traditional security models often fail in research and development (R&D) environments.
Their session reframed cybersecurity not as a purely technical discipline but as a human and cultural one—particularly in environments built on discovery, creativity, and rapid iteration. Imec’s perspective reflects decades of working at the forefront of semiconductor R&D, where intellectual property, collaboration, and innovation coexist in fragile balance.
1. R&D Requires a Different Security Mindset
In contrast to manufacturing, R&D environments change constantly. Projects evolve or pivot quickly, partnerships shift, and new collaborators enter regularly. Imec emphasized that rigid, enterprise-style security frameworks can impede progress, drive researchers toward shadow IT tools, or inadvertently weaken security.
Instead, R&D needs adaptive controls that reflect the sensitivity of the work, the fluidity of partners, and the nature of the data involved.
2. Trust Is a Foundational Security Control
Palmaers and Van Tornout underscored that effective security in R&D begins with trust. Security programs must view researchers not as risks to be constrained, but as partners whose engagement is essential.
This means cultivating an environment where:
- Researchers understand the value of security
- Leadership models secure behavior
- Policies feel enabling rather than restrictive
- Individuals feel responsible for protecting shared assets
Trust transforms the role of people from “weakest link” to “strongest defense.”
3. Rigid Controls Can Suppress Innovation
The session highlighted a central tension: excessive security controls can slow experimentation, impede collaboration, and encourage workarounds that create new vulnerabilities.
Imec’s experience shows that:
- Hard technical controls alone rarely succeed
- Flexibility is necessary for scientific progress
- When controls are too restrictive, researchers find ways around them
Security must be designed to support innovation, not inhibit it.
4. Adaptive, Human-Centric Models Deliver Better Outcomes
Imec described a security methodology guided by principles of human-centric design. This approach emphasizes:
- Minimal operational friction
- Tailored safeguards based on project sensitivity
- Cultural integration of security practices
- Clear communication and shared responsibility
This adaptive model supports collaboration while ensuring intellectual property and research integrity remain protected.
5. Security Culture Is Not Static—It Requires Leadership
A particularly compelling insight from Palmaers and Van Tornout was that organizational culture is not fixed. It oscillates based on leadership signals, operational pressures, and team norms.
Security programs must therefore work to:
- Reinforce positive behaviors
- Provide context for policies
- Encourage secure collaboration
- Create feedback loops between researchers and security teams
Servant leadership—where leaders enable rather than dictate—was highlighted as a powerful catalyst for building a resilient security culture.
6. The Path Forward for R&D Security
Imec’s guidance offers a roadmap for semiconductor organizations seeking to balance security with innovation:
- Focus on culture as much as controls
- Design policies that adapt to research workflows
- Empower researchers to take ownership of security
- Align leadership messages with secure practices
Their session at SEMICON West also underscored a larger industry truth: human-centered security is not a compromise—it is an accelerator for innovation.
Source: “Secure Together: Building Cybersecurity Resilience Through Industry Alliances,” SEMICON West 2025. Speakers: James Kaplan (McKinsey & Company); Quentin Kantaris (TXOne Networks); Bradford Hegrat (Accenture); Nijaz Velic and Richard Morris (NY CREATES); Tom Palmaers and Giselle M.H. Van Tornout (imec); SZ Lin (Sun Square); Ross Mahler and Marty Wachi (Moxa); Simon Davies (Renesas); Jennifer Lynn (IBM); Prabhu Jayanna (AMD); Anusha Annapareddy (Applied Materials); Bertrand F. Cambou (High Entropy Security); Daniel O'Loughlin (Qualcomm). Panel moderator: Andrew M. Seward (Tokyo Electron America).
