As India aims to achieve its development objectives by 2047, the government has laid an emphasis on the role of science and technology in strategic and emerging sectors. Investment in cutting-edge technologies is essential to stay globally competitive, address societal challenges and unlock economic opportunities. Like in many nations, India is building an innovation ecosystem to harness the transformative power of these technologies. However, along with this intensification of research and development (R&D) arises a new challenge — research security.
While collaboration and the free exchange of knowledge are fundamental to scientific progress, there are new risks in the rapidly evolving geopolitical landscape. Foreign interference, intellectual property theft, insider threats, cyberattacks, and unauthorised access to sensitive information are concerns for countries investing in advanced technologies. If left unaddressed, they could undermine India’s progress in strategic sectors. Research security, in this context, refers to safeguarding scientific research from threats to confidentiality, economic value, or national interest. India is ramping up investments in strategic technologies which include space, defence, semiconductors, nuclear technology, cybersecurity, biotechnology, clean energy, artificial intelligence, and quantum technology. So, ensuring strategic research outputs remain protected is critical. Any breach of security could compromise national interests, delay technological advancements, and expose sensitive data to exploitation by foreign actors.
Policymakers must focus on strengthening research security as a part of India’s broader science and technology strategy. This involves a concerted effort to protect sensitive data, intellectual property, research infrastructure, and personnel. Preventing espionage, sabotage, and adversarial foreign influence are essential to safeguard India’s R&D investment.
The global landscape, China factor
The issue of research security is not far-fetched, as there have been several cases of research security breaches around the world with serious consequences.
In a famous case, a senior professor at Harvard University and his two Chinese students were arrested for not-disclosing their links to Chinese funding, while also receiving funding from the U.S. Department of Defense. In another case, COVID-19 vaccine research facilities were subject to cyber attacks in 2020 to steal sensitive vaccine research and development data. The European Space Agency (ESA) has also suffered several cyberattacks to sabotage or steal sensitive information, prompting ESA to develop a partnership with the European Defence Agency on cybersecurity.
Such incidents have prompted several countries to develop policies and guidelines to strengthen research security. The US CHIPS and Science Act has several provisions on research security, which are complemented by other guidelines; these include the research security framework of the National Institute of Standards and Technology. Canada has come up with National Security Guidelines for Research Partnerships and a Policy on Sensitive Technology Research and Affiliations of Concern, along with a list of sensitive technologies.
Moreover, the country has identified research institutions — primarily from China, Iran, and Russia — with which collaborations should be avoided. The European Council’s recommendation is taking a different approach based on the principles of self-governance by the sector, a risk-based and proportionate response, and country-agonistic regulations. It underlines the need to establish a centre of expertise on research security and highlights research security-related guidelines for Horizon Europe, the primary research funding programme of the EU. Several of these initiatives are partially driven as responses to the military-civil fusion strategy of the Chinese Communist Party, which promotes the use of dual-use technology, technology transfer, funding and foreign collaborations; there is a close nexus between China’s defence industry, universities and research institutions to develop and share strategic research and technologies between the civilian and military sectors.
Promoting research security in India
Unfortunately, the concept of research security has received little attention in academic circles and government policymaking, leading to vulnerabilities that adversarial actors could exploit. The first step would be to systematically map the security vulnerabilities in our research ecosystem. This would involve understanding the nature of foreign influence in our universities, assessing the vulnerabilities of key research labs and sensitive research infrastructure, analysing foreign collaborations and funding in strategic technologies, and reviewing the personnel hiring and access control practices to comprehend possible insider threats in the crucial research facilities. For this, government agencies and research institutions need to deliberate on possible steps to make strategic research more secure while avoiding over-regulation. Further, engagement with trusted international partners could be explored for the initial capacity building and awareness-raising in this area.
Concrete steps would require security and intelligence agencies to engage with researchers and develop an understanding of the sensitive research areas. This would also necessitate the classification of research in different categories based on strategic value, possible economic impact and the national security implications. Thus, a research security framework could be developed providing research security guidelines. Here, a risk-based and proportionate response approach similar to the one recommended by the European Council could be considered as it seeks to avoid over-regulation while reducing security risks. There would be a requirement to develop a research security surveillance mechanism to keep tabs on emerging risks.
COMMENT | Patching the gaps in India’s cybersecurity
Observe these cautions
There are several in-principle and practical challenges for research security. For instance, science is inherently international and collaborative in nature and international collaborations are crucial drivers of scientific progress. Research security seeks to restrict certain funding and collaborations, which would be opposed by researchers for infringing on academic freedom and hindering scientific progress. Similarly, research security would also have to find a balance with open science, which includes sharing of research infrastructure, open data, and involving the general public in the scientific research via citizen science. Rightfully, open science is promoted by governments, funding agencies, science academies, and individual researchers.
Another major challenge would be the additional administrative and regulatory burden that research security would bring to research institutions and individual researchers, already strangled by the overly bureaucratic nature of our institutions and funding agencies. It is crucial that research security is implemented in close collaboration with the technical experts rather than security and intelligence agencies making decisions without full understanding of the matter. It is important that research security should not become an instrument of political interference in academic institutions.
Research security would require significant funding, effective communication, engagement, and capacity building to create a cadre of professionals who could design, develop, implement and lead research security efforts in India. A dedicated office similar to one at the U.S. National Science Foundation could be created for research security in the newly established Anusandhan National Research Foundation (ANRF). Such an office could become a focal point for coordinating and synergising efforts for research security among security agencies and academic institutions. Finally, researchers should be engaged at all levels of decision-making to find the right balance of security issues with open science, regulatory burden and scientific progress. Here, the spirit of ‘as open as possible and as closed as necessary’ could help guide decision-making.
Suryesh Kumar Namdeo is Senior Research Analyst, Indian Institute of Science, Bengaluru, and a member of the Indian National Young Academy of Science. Moumita Koley is Senior Research Analyst, Indian Institute of Science, Bengaluru and Research Fellow at the Research on Research Institute (RoRI), U.K.
Published – December 02, 2024 01:08 am IST
