International collaboration is an essential part of UC Santa Cruz’s research, embodying the value of bringing together diverse perspectives, enabling large-scale scientific experiments, improving understanding across cultures, and addressing some of the most challenging global problems. UC Santa Cruz aims to support these partnerships, while safeguarding the security of our researchers, data, intellectual property, and federally-funded research.
The National Security Presidential Memorandum-33 (NSPM-33) expressed the significant need to “strengthen protections of United States Government-supported R&D against foreign government interference and exploitation” while “maintaining an open environment to foster research discoveries and innovation that benefit our nation and the world.” In January 2022, the Office of Science and Technology Policy (OSTP) committed to providing clear and effective guidance for how agencies (and resulting partners and recipients) could effectuate this effort. The July 2024 OSTP Memorandum then provided Guidelines for Research Security Programs at Covered Institutions, which included requirements for an institutional research security program and training, cybersecurity awareness and practices, international travel tracking and training, and export control training.
Research security training requirements
As of May 1, 2025, recipients must maintain a research security training program for covered individuals, consistent with Section 10634 of the CHIPS and Science Act of 2022. Research security training is currently required by the Department of Energy for all senior/key personnel (“covered personnel”). It is anticipated that the NSF and other agencies will implement similar requirements in 2025.
At UC Santa Cruz, covered personnel complete research security training through a Learning Center course developed by the UC Office of the President. Research security training encompasses these topics:
- An overview of Research Security
- Case studies
- International collaboration
- Disclosure
- Information and data security
- Elicitation
- Talent recruitment programs and Malign Foreign Talent Recruitment Programs
- International travel
Each covered individual listed on an application for a research and development award must certify that research security training has been completed within one year of such application. Any new covered individuals added to the project (both at UC Santa Cruz and at subrecipient organizations, as applicable) must certify that they have completed the training within thirty (30) calendar days of the individual joining the project. UC Santa Cruz must also certify that each covered individual that is an employee of UC Santa Cruz and listed on the application has completed such training. The completion of training is valid for one year, and requires annual renewal as long as the relevant projects are active.
Sponsor-specific requirements
Department of Energy (DOE)
Per the DOE Financial Assistance Letter dated October 7, 2024, “Covered individuals listed on applications under this funding opportunity are required to certify that they have taken research security training consistent with Section 10634 of the CHIPS and Science Act of 2022. In addition, applicants who receive an award must maintain sufficient records (records must be retained for the time period noted in 2 CFR 200.334 and made available to DOE upon request) of their compliance with this requirement for covered individuals at the applicant/recipient organization and they must extend this requirement to any and all subrecipients.”
“Covered Individual means an individual who (a) contributes in a substantive, meaningful way to the development or execution of the scope of work of a project funded by DOE or proposed for funding by DOE, and (b) is designated as a covered individual by DOE.”
See DOE research security training for more information.
National Science Foundation (NSF)
NSF put a number of measures in place to strengthen research security and integrity for the federal funded research community, including:
- Emphasized compliance with disclosure rules in NSF’s Proposal and Award Policies and Procedures Guide for both NSF staff and the institutions and researchers funded by NSF.
- Required each Institution of Higher Education (IHE) who receives NSF funding to submit a Foreign Financial Disclosure Report (FFDR) through research.gov.
- Restricts participation in foreign talent recruitment programs.
- Requires annual “Science and Security Training” – to be implemented for NSF recipients in the 2025 PAPPG.
- Established the TRUST (Trusted Research Using Safeguards and Transparency) framework to assist NSF in evaluating potential research security risks during the application process.
See NSF’s research security website for more information.
Resources
Research Compliance
- Consult with UC Santa Cruz ITS cybersecurity experts to determine resources and infrastructure needed to ensure research security compliance and protection for your program.
- UC Electronic Information Security Policy (IS-3)
- UCOP research security resources
- SECURE Center