FAQ

1. Meaning of Institutional Resilience in Research

Institutional resilience refers to the capacity of a research organisation to identify, prevent, and mitigate risks that may adversely affect its independence, academic freedom, personnel, data, know‑how, intellectual property, or research infrastructure.

It encompasses measures addressing, inter alia:

  • foreign interference,
  • cyber and information‑security threats,
  • illegitimate influence and coercion,
  • high‑risk or non‑transparent partnerships,
  • loss or misuse of intellectual property.

In order to enhance institutional resilience across its organisational units, the Slovak Academy of Sciences (SAS) adopted an internal directive in 2023, which establishes a common framework for risk awareness and prevention (available for download).

2. Importance of Research Security

Research security aims to safeguard:

  • researchers, staff members, and students,
  • sensitive information, data, and know‑how,
  • critical and emerging technologies,
  • organisational reputation,
  • research results against misuse or misappropriation.

Both the European Union and Member States emphasise that international research cooperation remains open, but must be accompanied by proportionate, risk‑based protective mechanisms.

3. Definition of Foreign Interference

Foreign interference comprises activities conducted by a foreign actor — commonly a state or a state‑controlled entity — that are:

  • covert,
  • coercive,
  • deceptive, or
  • corrupting.

Such activities typically aim to gain unauthorised access to technologies, data, influence over decision‑making, or to undermine the integrity and autonomy of a research organisation.

4. Risks Associated with International Cooperation

Risk assessment is partner‑ and behaviour‑based, not geographically determined. Potential risks include:

  • unauthorised or unwanted transfer of technologies or knowledge,
  • data theft or loss of intellectual property,
  • links of partners to military structures or authoritarian regimes,
  • cyber security incidents,
  • reputational damage,
  • illegitimate pressure exerted on researchers.

5. Indicators of Potentially Risky Cooperation

Warning signals may include, inter alia:

  • lack of transparency regarding funding sources or ownership structures,
  • undue urgency or pressure to conclude agreements,
  • unclear project objectives or potential dual‑use of research outcomes,
  • unjustified access requests to data, laboratories, or infrastructure,
  • incomplete or misleading information about the partner,
  • operating environments where state interference in academia is prevalent.

6. Due Diligence – Purpose and Rationale

Due diligence is a structured process for assessing partners, projects, and potential risks prior to initiating cooperation. It is standard practice across OECD countries and is increasingly required within the EU framework.

Its objectives are to:

  • identify and evaluate risks,
  • define mitigating measures,
  • determine whether and under what conditions cooperation may proceed safely.

7. Allocation of Responsibility for Research Security

Research security is a shared responsibility, involving:

  • individual researchers (day‑to‑day vigilance and decision‑making),
  • heads of organisational units,
  • legal and project management services,
  • the research security / institutional resilience coordinator,
  • senior management of the organisation.

8. Procedure in Case of Suspected Illegitimate Influence

In the event of suspected illegitimate interference, early reporting is essential. The following steps shall be taken:

  • refrain from sharing any data or documentation,
  • avoid responding to pressure or concluding agreements, whether oral or written,
  • immediately inform:
    • the direct supervisor,
    • the legal department,
    • the designated research security or institutional resilience coordinator at SAS.

9. Reporting of International Cooperation

Research organisations generally require systematic registration of international cooperation, particularly with regard to:

  • joint research projects,
  • research stays and visiting appointments,
  • data sharing,
  • access to laboratories or infrastructure,
  • contractual relations with foreign entities.

10. Sensitive Areas of Research

Sensitive areas are those where the risk of misuse is elevated, including but not limited to:

  • artificial intelligence,
  • biotechnology and life sciences,
  • quantum technologies,
  • dual‑use materials and technologies,
  • robotics,
  • satellite and space‑based systems,
  • defence‑related technologies,
  • selected social sciences and humanities (e.g. propaganda, geopolitics, sensitive social data).

11. Dual‑Use Technologies

Dual‑use technologies are technologies or materials with both civilian and military applications. Their development, use, and transfer are subject to strict EU and national regulatory frameworks.

Examples include advanced sensors, drones, specific chemicals, and high‑performance AI systems.

12. Data Protection Obligations

Staff members shall:

  • use only institutional accounts and authorised devices,
  • avoid sharing sensitive files via unauthorised platforms,
  • apply strong passwords and multi‑factor authentication,
  • operate exclusively within trusted networks,
  • use encryption where appropriate.

13. Assessing Partner Risk

Partner assessment may involve:

  • verification of ownership structures,
  • screening against EU and UN sanctions lists,
  • identification of links to state authorities or military structures,
  • review of legal and ethical history,
  • assessment of funding transparency.

Uncertainty shall be escalated to the research security coordinator of SAS.

14. Academic Freedom and Research Security

Research security does not limit academic freedom. On the contrary, its purpose is to protect academic freedom by shielding research from coercion, manipulation, and misuse.

15. Sources of Support

Support is provided by the Institutional Resilience / Research Security Coordinator of the SAS Office.

16. Strengthening Individual Resilience

Individuals are encouraged to:

  • limit disclosure of personal and sensitive information online,
  • exercise caution towards unsolicited invitations or offers,
  • verify partners and contacts,
  • protect digital environments,
  • report suspicious situations without delay.

17. Participation in Conferences or Visits Outside the EU

Prior to participation in activities outside the EU, staff members should:

  • verify partners and organisers (see due‑diligence procedures),
  • refrain from sharing unpublished research results,
  • follow safe‑travel recommendations (temporary devices, data protection, network restrictions),
  • consult the research security coordinator of the SAS Office, where appropriate.