Until around 2021–2022, research security was rarely a focus in European university policies. Since then, it has quickly become a central concern for higher education institutions—particularly for universities of science and technology, given the sensitive technology domains many of them operate in. This was explored in-depth in a white paper published in 2023.
Throughout 2024 and 2025, CESAER organised a series of research security seminars with its Member universities. These sessions explored both the challenges and practical approaches to shaping and implementing research security policy, integrating it with existing processes, and embedding it at both central levels and across the university. Sharing lessons learned has been instrumental in developing research security across the sector and remains essential for creating a European level-playing field.
One key takeaway is the everyday complexity of research security. The slogan “as open as possible, as closed as necessary” is popular because of its apparent simplicity, but in practice, universities must decide, sometimes on a daily basis, which core values are at stake, which fundamental rights could be affected, and where the boundaries lie between what is possible and what is necessary.
Universities are learning how to navigate legal requirements, such as screening individuals or entities under international sanctions, alongside legal prohibitions, such as avoiding discrimination or profiling, while raising awareness and avoiding stigmatisation.
At the same time, they also face public pressure, such as media claims about restricting collaborations with certain countries, or government inquiries about academic freedom training for students and staff from specific regions. Academic freedom, however, concerns all members of the academic community, not just those from “high-risk” countries.
While some universities in Europe are still working on the initial phase of embedding research security into their daily practices, attention must also turn to the next phase of research security: safeguarding academic freedom, strengthening digital sovereignty, and protecting institutional autonomy in a rapidly changing geopolitical context. Universities may need to respond if pressured to compromise core values or fundamental rights—a challenge that is increasingly urgent as global developments accelerate.
Research security, like academic freedom, open science, digital sovereignty, and institutional autonomy, is a shared responsibility of universities, national governments, and the EU institutions. Focusing on one aspect should not come at the expense of the others.
CESAER’s recent input note titled ‘Research security as a collective responsibility: empowering universities, enabling Europe’ outlines this shared approach. In the early phase, universities can support research security by ensuring visible commitment from senior leadership, creating a multidisciplinary structure, providing accessible guidance and practical tools, and raising awareness across the institution. In the advanced phase, universities can strengthen their foundations by aligning and embedding research security in existing processes, engaging in sector-wide dialogue, offering structured training for different target groups, developing a roadmap with milestones for gradually expanding policies and support structures, and establishing dedicated advisory teams.
Of course, it is important to acknowledge that there is no universal model for implementing research security. Each context is different: universities and countries vary in scale, structure, resources, and regulatory environments. Even within the same institution, approaches and attitudes towards research security can differ markedly across faculties. This diversity adds complexity but also underlines the value of strong institutional commitment. Visible leadership, paired with clear communication and collaboration across departments, is key to making sustained progress.
Additionally, it is important to note that research security cannot be developed in isolation. It needs to be coherent with wider institutional and national policies. Governments should ideally act as facilitators—offering guidance, sharing expertise, and demonstrating best practice through transparent and robust systems. Institutions, for their part, should avoid letting uncertainty or apprehension hinder action.
Universities also play a critical role in incentivising and empowering researchers. Career incentives are often unrelated to research security, focusing instead on grants, publications, international collaborations, teaching and PhD supervision. Early-phase measures in advancing research security can therefore include providing training, online resources, guidelines, structured risk-checks, and peer networks, while advanced-phase actions may include recognition, career support programmes, and professional development initiatives.
Outlining a clear definition of responsibilities for researchers and support staff, along with structured guidance, is essential at all stages. These steps can help researchers, support staff, and university leadership navigate everyday decision-making, balancing openness, legal obligations, and institutional values. National and EU level support is equally crucial.
Universities can start to assume their responsibilities by taking early measures, but to ensure a European level playing field, there is a particular need for EU-level support, such as a research security helpdesk, due diligence tools, and dedicated guidance on relevant regulations, including sanctions, export control, visa vetting, investment screening, GDPR, NIS2, the AI Act, the Chips Act, the EU Blocking Statute, and ethical guidelines for AI. To further advance strategies in research security, higher education institutions require accessible legal advice and guidance to interpret European research security policies and relevant legislation.
Building a culture of ownership and responsibility will not happen overnight. Legal and compliance frameworks are necessary, but insufficient in their own right. We should not overregulate, and we should seek a European approach to research security, one that reflects the diversity and benefits of our European scientific ecosystem: global collaboration, excellence, and scientific freedom.
What is required is a more integrated and supportive, European approach—one that involves researchers directly and equips institutions to take informed, proportionate decisions. Establishing such a culture across the research sector is a gradual process that will evolve over time.
For further reading, please read the CESAER research security input note. As emphasised throughout, research security should never be pursued in isolation from academic freedom, open science, digital sovereignty, and institutional autonomy—particularly in the current geopolitical context.
Irna van der Molen is the Secretary of CESAER Task Force Openness of Science and Technology, and senior policy advisor knowledge security at University of Twente. Her contact details are available via University of Twente.
We use both our own cookies and those of carefully selected partners we collaborate with.
Check out our detailed Cookie policy » and our Privacy policy » .