Research security moves to the forefront at UNB

Research security becomes a core function at UNB as universities face tighter rules and growing external pressures. A position that rarely existed in Canadian universities a decade ago is now close to the centre of how research is done.

Hired in April 2025 as the University of New Brunswick's first research security manager, Greg Curtis (BSc'08) (MScE'11) works to review grants, partnerships and sensitive projects. His mandate is to protect the university's research, people and reputation while supporting an open research culture.

Why the role exists

Curtis is one of only a handful of people in Atlantic Canada doing this work, and UNB was the first university in New Brunswick to create this position.

The role emerged as federal funding rules changed, and universities had to examine more carefully with whom they worked and where research outputs might eventually end up.

"Historically, Canadian universities operated by a trust-by-default mechanism," Curtis said.

Research security, he said, is about knowing when to pause and ask questions. The research could be stolen for commercial purposes, or foreign states could use it against Canada's national interests. In some cases, the researcher may not recognize that the research could be used for such purposes.

Such a breach could violate federal law and result in repercussions to the researcher and the institution.

From lab to liaison

Curtis did not come to the job with a background in counter-intelligence or policing. He studied chemistry and chemical engineering at UNB and spent years working as a research scientist and manager in industries with strict federal regulations.

"When I went to UNB about 20 years ago, no one talked about research security," he said. "There was a little bit of cybersecurity talk, but it was more or less just physically locking the door."

Curtis reviews funding applications, partnership agreements and risk assessments. He works closely with the Office of Research Services and the partnerships and agreements teams.

"If it requires a research security perspective, I'm going to be involved," he said.

Smaller universities, real risks

Smaller universities are not safer than large ones.

"There's almost a mentality that we're a smaller university and therefore not so much of a target," Curtis said. "But people who want to target universities look at smaller ones as they may have fewer security people and fewer defences."

He pointed to risks ranging from hidden conflicts of interest to outright theft.

"The biggest risks are intellectual property and data theft," Curtis said.

Dual-use is broader than STEM

Curtis uses publicly available information to assess potential research security risks. However, the aim is not to exclude researchers from countries other than Canada.

"We do not vet students based on nationality," Curtis said.

Instead, research security measures are applied based on project sensitivity, regardless of who is working on it.

He often advises simple steps such as limiting access to sensitive files, using two-factor authentication and planning secure storage before a project begins.

Much of the national focus is on dual-use research, which has both civilian and military applications. Curtis said that the focus often misses large parts of the campus.

"Everyone thinks that it is only applicable to STEM research like engineering, artificial intelligence or biotech, for example," he said, "but there's a whole other side of social sciences and humanities."

He pointed to psychology research on coping in harsh climates, political science work on extremist movements and health research that is thought to be low risk in Canada but sensitive elsewhere.

"Almost any research could potentially have dual uses," Curtis said.

Risk does not mean stopping the research. It means managing risk through more careful access, data storage and partnerships.

A regional view

At the Dual-Use Technology Summit hosted by UNB in February, the Atlantic Regional Advisor from Public Safety Canada's Research Security Centre outlined why these measures matter.

The Atlantic Regional Advisor supports institutions across Atlantic Canada, many of which do not yet have dedicated research security staff.

"Research security refers to identifying possible risks to your work through unwanted access, interference and threats," she told the audience.

She highlighted the potential risks to national security posed by dual-use technology and discussed federal policies such as the National Security Guidelines for Research Partnerships (NSGRP) and the Policy on Sensitive Technology Research and Affiliations of Concern (STRAP policy), which mandate risk assessments and attestations for certain research areas.

She stressed the need for awareness and basic due diligence.

"Fundamentally, the basis of research security is knowing your partner and your collaborator, and asking the right questions."

Making it normal

While there is still work to be done to embed research security as a routine practice across the research community, UNB is taking deliberate steps to formalize policies, guidance and support that will strengthen awareness and implementation.

"Success for research security is when it no longer serves as a police function," he said.

He wants to position research security alongside ethics and safety as standard practice. He is developing guides, running workshops and working toward a formal UNB research security policy.

Curtis encourages researchers to reach out to him directly.

"I'd like to get to the point where they just ask, 'Hey, what do you think?' That's the goal," Curtis said.

"I want to support and enable research projects, not obstruct or slow down the important problems our researchers are tackling."