21 Research Security

In this section:

21.1 What is research security?
21.2 What is the federal government’s policy on sensitive technology research and affiliations of concern?
21.3What are the national security guidelines for research partnerships
21.4 Mitigating economic and geopolitical risk checklist
21.5Research Resources

If you are unable to find the answer you are looking for in this section, please contact us here.

21.1 What is research security?

The Government of Canada defines research security as the ability to identify:

  1. Possible risks to one’s work through unwanted access, interference or theft.

  2. Measures that minimize such risks and protect the inputs, processes and products that are part of scientific research and discovery. 

Mitigating the risks to research security is important in safeguarding research. Researchers should work with the university to conduct due diligence, risk assessment and development of risk management strategies to ensure that the researchers understand their role in protecting their research. 

21.2 What is the federal government’s policy on sensitive technology research and affiliations of concern?

Under the federal government’s policy on Sensitive Technology Research and Affiliations of Concern (STRAC), any grant applications submitted by a university or an affiliated research institution to any federal granting council (NSERC, CIHR and SSHRC) or the Canada Foundation for Innovation (CFI) will follow a two-step process prior to submission.

Applicants are advised to read instructions for each grant opportunity to determine whether and how the STRAC policy applies. The Tri-Agency guidelines outline which programs the policy applies to. For more information, refer to the federal government’s frequently asked questions on the policy

Step 1:

Determine whether the proposed research aims to advance a Sensitive Technology Research Area (STRA):

  • If it does not, no further steps are required under the policy and the federal grant application process shall continue.

  • If it does, proceed to step two.

A research project is not considered to be advancing a STRA if it is only using or applying the STRA in relation to the project. Under the policy, research aims to advance a STRA if, during the grant, it will support the generation or discovery of knowledge that contributes to progress in the development of a STRA and/or its sub-categories as defined in the list.

Step 2:

Check affiliations of researchers involved in the activities and determine whether any researcher is currently affiliated with or is in receipt of funding or in-kind support from a Named Research Organization (NRO). 

Should any researcher currently be affiliated with or is in receipt of funding or in-kind support from at least one of the listed organizations, the researcher will be rendered ineligible for funding. Past affiliations are not considered. Please contact your research facilitator if there is an affiliation with an NRO.  

Additionally, when the proposal advances a STRA, all researchers with named roles (including but not limited to applicants, co-applicants and collaborators, as defined by the granting agency) will be required to attest that they have read, understood, agree with and are compliant with the policy, and they should remain compliant for the duration of the federal grant. Highly Qualified Personnels such as grad students are excluded from the definition of researchers with named roles, even if they have been named in the application.

21.3 What are the national security guidelines for research partnerships?

Some funding opportunities, such as the NSERC Alliance, may also be subject to the National Security Guidelines for Research Partnerships. These guidelines are distinct from the STRAC policy and integrate national security considerations into the development, evaluation and funding of research partnerships, which allows researchers, their institutions and government funding agencies to be in a better position to undertake due diligence of potential research security risks.

As part of these guidelines, an applicant may also be asked to complete and submit a Risk Assessment Form

21.4 Mitigating economic and geopolitical risk checklist

The Government of Ontario is also taking steps to safeguard research undertaken in Ontario institutions and protect the long-term economic security and interests of the province. Institutions are asked to assess funding applications for potential economic and/or geopolitical risks and help researchers identify and mitigate such risks. The Ontario MEGR checklist is distinct from the federal two-step STRAC policy.

Completion of the MEGR checklist is required as part of submission for grant applications to the Ontario Research Fund Program.

21.5 Research security resources

21.5.1 External Resources

  • Safeguarding Your Research: This Government of Canada website includes general information about research security that provides details about the need to safeguard research, whom researchers could be at risk from and what the potential risks are. 

  • Research Security Training Courses: Three publicly available courses by the Government of Canada that will help Canadian researchers acquire knowledge on how to protect their research: Introduction to Research Security, Cyber Security for Researchers and Safeguarding Research Partnerships with Open Source Due Diligence. 

  • Guidelines and Tools to Implement Research Security: These are curated guidelines and tools to help researchers understand how they can identify and assess risks to their research and develop a plan to mitigate such risks. 

  • Mitigating Economic and/or Geopolitical Risks in Sensitive Research Project: A Tool for University Researchers: This publication was developed by the U15 Group of Canadian Research Universities and Universities in Canada in collaboration with the Government of Canada-Universities Working Group. 

  • Foreign Interference and You: The Canadian Security Intelligence Service (CSIS) provides an overview on foreign interference and suggests points on how foreign actors may seek to interfere in academia and research.

  • Travel Security Guide for University Researchers and Staff: Developed by the U15 and Universities Canada in collaboration with the Government of Canada-Universities Working Group, this document aims to provide guidance to researchers on best practices for due diligence in research when traveling.

21.5.2 Laurier Resources

  • Research Data Management: In accordance with the Research Data Management Institutional Strategy, the Library and the ICT provide expertise and guidance for developing research data management plans that ensure secure storage of research data and responsible and ethical management of sensitive data, including those of Indigenous communities. 

  • Traveling with Laurier Devices: When traveling with Laurier-owned smartphones and devices, one must ensure that the device, as well as the data, is always kept secure. ICT has some Cybersecurity Tips When Travelling with a Laurier-Owned Smartphone.