Since 2018, the Australian Government has made serious strides in countering espionage and foreign interference, including introducing policy and legislative reforms aimed at protecting the research and university sector. That was necessary. Foreign states have actively targeted Australia’s research ecosystem—seeking to influence research agendas, extract sensitive information and exploit institutional vulnerabilities. However, the threat landscape hasn’t remained static. It has evolved—and rapidly.

Seven years on, adversaries are no longer simply stealing data or cultivating informal relationships. Today, we’re seeing deliberate efforts to insert malicious insiders, target researchers through transnational repression, exploit data and cyber vulnerabilities, and manipulate legal frameworks through lawfare. Those methods are more sophisticated, more targeted and more integrated than ever before. Responding to them requires more than a continuation of current practice—it demands a fundamental shift in mindset. Security must now be built on persistent adaptation and shared responsibility, not one-off compliance measures.

Yet the tools available to respond are lagging. Australia still lacks a clear, consistent national definition of ‘research security’—a gap that has bred confusion, resistance and fatigue across the university and research sectors. For many, security remains synonymous with red tape, rather than resilience. Meanwhile, government controls are fragmented across portfolios and jurisdictions, with no centralised leadership akin to the Counter Foreign Interference Taskforce. Heavy reliance on ministerial discretion and legislative blunt force undermine the goal of shared, sector-wide ownership.

At the same time, we must acknowledge that universities aren’t government agencies. They’re complex, competitive, globally connected institutions working under immense financial pressure and regulatory complexity. Building sustainable research security means recognising those realities—not as excuses, but as critical inputs into any effective framework. Encouragingly, there is some movement. The Group of Eight has stepped forward with a national security and defence committee, co-chaired by Major General (Ret’d) Paul Symon and Lieutenant General (Ret’d) Rick Burr, to strengthen trust and coordination with government.

But those are early steps. To protect Australia’s sovereign research capability into the future, we need more tailored, practical and scalable approaches to research security. They must be clear in purpose, flexible enough to adapt to changing threats, and sensitive to the day-to-day realities of research collaboration. Above all, they must be nationally coherent and built on partnership—not paternalism.

The integrity of our research ecosystem isn’t just a matter of academic ethics. It’s a matter of national security, future capability, and Australia’s ability to compete in a world increasingly shaped by strategic technologies and knowledge dominance. This requires a set of consistent, coherent and high-level principles that informs strong applied policy guidance.

This report outlines Australia’s comprehensive and globally leading approach to research security. However, it also makes clear that the threats that are confronting Australia are adapting, and so Australia’s approach will similarly need to adapt. The report argues that Australia’s research security posture must evolve, moving beyond the narrow lens of countering foreign interference and espionage to a broader, more integrated and risk-based framework.