Universities need additional support to protect international collaborations from espionage threats, says Ben Moore
Innovation and research security were top of the agenda at last month’s summit of the Five Eyes Alliance, the intelligence partnership between Australia, Canada, New Zealand, the UK and US. Speaking to the gathering in California, Ken McCallum, head of MI5, said that the UK is already facing hacking and other threats on an epic scale from hostile states looking to gain an economic advantage by stealing data and ideas.
As intellectual property has become a national strategic interest, universities have found themselves on the frontline of the fight against industrial espionage. Institutions recognise the need to be clear-eyed about the security threats associated with overseas partnerships and have made progress in identifying and managing risks.
In no small part, this is due to the collaborative approach taken by the UK government and security services in engaging the sector. There has been a step-change since 2019 in universities’ work to ensure projects are scrutinised for security risks and academics are aware of the potential risks associated with international research collaborations.
The result has seen some Russell Group universities, for example, rejecting sizeable partnership offers and donations on grounds that they posed a security threat. Research collaborations have been blocked and programmes ended early in response to new intelligence.
But as we get better at identifying and acting on potential threats, the nature of those threats is also evolving. Our response needs to change too.
UK research success often depends on building teams of complementary individuals and institutions that span the world. Through international collaborations, UK science is benefiting directly from work on topics such as managing antimicrobial resistance, health challenges associated with an ageing population and technologies that can help us on the road to net zero.
But expertise that can shift the dial on such global problems is not always located conveniently in countries with similar values to the UK. It is right that we partner with other countries, but this does not mean assuming good faith on the part of all partners, or simply accepting the risk of espionage as the cost of doing business.
So how can universities and their business partners be supported to scale up their processes to manage security risks? The government’s secure innovation guidance, launched in October, is an important step. This will be a vital resource for academic spin-out companies as they grow, and will guide universities working with industry.
But wider investment is needed to protect the research that will be crucial to the UK’s economic future. That’s why in its submission to the Treasury ahead of the chancellor’s autumn statement, the Russell Group called for the government to support a UK research security fund based on a successful Canadian scheme launched in 2022.
This five-year scheme provides Ca$125 million (£74m), distributed proportionately by university research intensity. It has allowed Canadian universities to upgrade physical spaces to boost security in labs, enhance cybersecurity protections to safeguard intellectual property, prevent ransomware attacks, and build in-house security teams.
For example, some Canadian universities have created dedicated posts for open-source intelligence analysts to improve due diligence activities. Others have hired staff to target academic outreach to help drive further awareness of threats.
Keeping the UK safe depends on getting national security legislation and regulation right, but this also needs to be matched by investment, so that the researchers and research managers at the sharp end of security threats can respond to new dangers quickly and effectively.
This is what a new research security fund would help deliver. It would be a force multiplier that would maximise the impact of the extensive work UK universities are already doing in this area.
The Russell Group’s modelling suggests a UK fund on the same scale as the Canadian scheme would cost around £25m a year. But with the UK committed to investing £20 billion of public money each year in R&D by the end of this parliament, this would be a small price to pay to safeguard the country’s competitive advantage.
As continue to consider the undoubted opportunities that artificial intelligence and other technologies have to offer, it is also the right time to be considering how to safeguard future developments. A UK research security fund has a crucial part to play.
Ben Moore is head of policy (international) at the Russell Group
This article also appeared in Research Fortnight