In recent years, concerns have grown about foreign actors exploiting the openness of the U.S. research ecosystem to misappropriate scientific and technological information to enhance their nations' scientific, economic, and military capabilities. Research security requirements for academic institutions currently include research security training, disclosure of funding sources in applications for federal research and development awards, and the development of comprehensive research security plans focused on cybersecurity, foreign travel security, insider threat awareness training, and export control training and compliance. These requirements are being implemented, and additional requirements are being contemplated. To consider the impacts of current and potential research security requirements, the National Academies of Sciences, Engineering, and Medicine convened a workshop on May 22-23, 2025, in Washington, DC. The event focused on potential measures of effectiveness and performance and the data needed to assess research security and protection efforts in higher education by a range of federal agencies. This proceedings describes the presentations and discussions at the workshop.