Insights

South Africa’s research sector is vibrant and internationally connected, yet recent events have shown that gaps in digital and operational infrastructure can be exploited, risking both research integrity and essential service delivery. Several specific case studies highlight the realities and lessons learned as the country strengthens its research security posture.

When thinking about security, we often think about how we keep threats out: cyber defences, building access controls, travelling with clean devices. Yet, recent years have emphasised uncomfortable truths: insider threats can be embedded deep within in research communities. Two case studies underscore how this can happen (both intentionally and unintentionally).

Nationality is often central to research due diligence, with universities and institutions screening international collaborators or staff based on citizenship... However, notable espionage incidents—including recent cases in Norway—expose the shortcomings of over-reliance on nationality as a risk filter. Here’s why nationality-led due diligence is too blunt a tool for a complex, global research and innovation ecosystem.