Penn State faculty and staff will get a direct line to the university’s top research leaders on Thursday, July 23, at 1 p.m. ET, when a town hall breaks down the tangle of new federal security requirements now reshaping everything from international collaborations to everyday IT workflows. The session, open without registration, will run simultaneously in room 603 of the Eric J. Barron Innovation Hub at University Park and via a Microsoft Teams livestream for anyone with a Penn State email address.

That dual format—in‐person and remote—reflects the session’s core message: research security is no longer a back‐office concern. It bumps up against the tools researchers use daily, the devices IT teams manage, and the cloud services that store and transmit their data.

What the Town Hall Will Cover—and Who’s Speaking

Senior Vice President for Research Andrew Read will open the session with an overview of the “recent federal changes affecting research activity,” according to a university announcement. He will be joined by Associate Vice President for Research Debra Thurley and Assistant Vice President for Research Clint Schmidt, who runs Penn State’s Research Security Program. The program’s compliance staff will also be on hand.

The agenda is explicit: international collaborations, export controls, IT security requirements, travel restrictions, visiting scholar protocols, and the increasingly stiff conditions attached to federal grants. In other words, the very elements that make modern research global and collaborative are now dotted with tripwires that a single misstep—an unvetted guest account on a Teams call, a file shared too widely in SharePoint, a laptop crossing a border—can trigger.

“The discussion will focus on the practical support available through its Research Security Program and compliance teams, rather than treating security as an isolated administrative function,” Penn State said in the announcement, reported by Mirage News. The bulk of the 90‐minute slot is reserved for questions. Attendees can submit them in advance, raise them from the floor, or drop them into the Teams Q&A panel during the livestream. Leaders may also address “broader research funding and research-enterprise issues if time permits.”

What This Means for You—Split by Audience

For Researchers and Principal Investigators

If your work involves international partners, restricted technologies, export‐controlled data, or sponsor clauses that you skimmed during a grant submission, this town hall is your alert. Federal agencies are no longer treating research security as a set of guidelines; they are tying it directly to funding eligibility. What was once an institutional checkbox—“Yes, we have an export control policy”—is now an expectation of demonstrable, auditable compliance at the project level.

Practically, that means:
- Before you bring a foreign national into your lab, check with the Research Security Program. Visitors and remote collaborators may require screening, export control review, or a technology control plan.
- International travel with university devices or data may need pre‐approval and a clean‐device strategy.
- Grant proposals with foreign subawards now demand detailed information about the subrecipient’s own security practices—information that must be verified.

The town hall gives you a chance to ask: “What do I do if my collaborator at a foreign university wants to co‐author using a shared cloud folder?” or “How does this affect my existing NSF grant?” Compliance staff will be there to answer, not just present.

For IT Professionals Supporting Research Departments

If you manage the Windows endpoints, Azure Active Directory tenants, or Teams environments that researchers rely on, the “IT security requirements” bullet on the agenda is your summons. Sponsor obligations can override standard university policy. A research group working on a Department of Defense contract may need Microsoft 365 settings that differ from campus defaults—stricter external sharing, mandatory sensitivity labels, logging-enabled guest access, or even a separate Teams channel with unique data-loss prevention rules.

Consider these everyday scenarios:
- A SharePoint site used for a federally funded project might need to restrict access by country IP ranges or enforce multi‐factor authentication for all external users, even if the university’s baseline doesn’t require it.
- Teams meeting recordings stored in OneDrive could become export‐controlled records if they contain discussions of restricted technology, requiring retention schedules and legal holds.
- Researcher laptops traveling overseas may need whole‐disk encryption, removal of sensitive files, or loaner devices configured by central IT.

The town hall is your opportunity to ask the Research Security Program directly: “What technical controls must we implement for a project that falls under International Traffic in Arms Regulations (ITAR)?” or “How do we reconcile sponsor‐imposed data sovereignty requirements with our current cloud architecture?” If you’ve been waiting for a clear mandate, this session could finally provide it—or at least the right contacts.

For Compliance and Administrative Staff

You’ll want to hear how the Research Security Program positions itself as a partner, not a gatekeeper. Penn State says the session is meant to show the “practical support available,” signaling that the program aims to provide templates, checklists, and direct consultations. If you’re crafting an export control plan or drafting a technology security plan for a proposal, this is a chance to connect with the people who will ultimately review and approve those documents.

How We Got Here: Federal Pressure Reshapes Academic Research

The July 23 town hall didn’t appear in a vacuum. Over the last three years, federal agencies have issued a cascade of directives:
- National Security Presidential Memorandum 33 (NSPM-33) mandated that research institutions receiving more than $50 million in federal funding adopt standardized disclosure requirements, strengthen foreign travel reporting, and create research security programs.
- The CHIPS and Science Act introduced new due‐diligence obligations for semiconductor and advanced-technology research, tying funding to robust security frameworks.
- Export control reforms, including updates to the Commerce Department’s Export Administration Regulations (EAR) and the State Department’s ITAR, have broadened the scope of controlled technologies—often ensnaring university research previously considered fundamental.
- NIH, NSF, DOD, and DOE have each rolled out specific grant term addenda requiring principal investigators to certify compliance with cybersecurity and foreign influence rules.

Penn State’s response was to build the Research Security Program, now led by Clint Schmidt, and to weave its work into the Office of the Senior Vice President for Research. The July 23 session is that program’s most public-facing attempt yet to translate opaque federal legalese into actionable steps.

What to Do Now

If You Plan to Attend

  • Mark your calendar for Thursday, July 23, 1 p.m. ET. The in-person location is room 603 of the Eric J. Barron Innovation Hub at University Park. No registration is required.
  • For remote access: Faculty and staff with a university email address can join via Microsoft Teams. Details will likely be distributed through university channels. If you don’t have the Teams client installed, use the “Watch on the web” option that Microsoft provides for browser-based viewing. Test your access a day or two before—confirm that your Penn State account can authenticate to Teams and that your network doesn’t block streaming.
  • Submit questions in advance if you have specific concerns. Penn State’s announcement encourages this, and it’s the surest way to get a detailed answer during the Q&A portion. Contact the Research Security Program directly through the university’s research website to send your questions.

If You’re a Researcher

  • Inventory your current collaborations. Identify any project with an international component, restricted technology, or sponsor from the DOD, DOE, NASA, or intelligence community. Jot down questions: Do we need a Technology Control Plan? Are our data-sharing practices compliant? Bring those questions to the town hall.
  • Bookmark the Research Security Program’s website (likely linked from research.psu.edu) and note the contacts for Debra Thurley and Clint Schmidt. After the town hall, schedule a follow-up consultation if your concerns aren’t fully addressed.

If You’re an IT Professional

  • Review tenant settings for research groups. Check external sharing configurations in SharePoint and Teams for labs that hold federal contracts. Verify that guest access, audit logs, and data-loss-prevention policies align with the latest grant terms.
  • Prepare a list of questions for compliance staff: What technical controls do they expect for ITAR‐ or EAR‐controlled data? Are there approved templates for secure research environments within Microsoft 365? How will they support IT in implementing sponsor-specific requirements?
  • Connect with your unit’s research administrator to understand which grants are highest risk and therefore most likely to need tightened IT controls.

Outlook: What to Watch After July 23

This town hall is almost certainly the start of a longer conversation. Federal guidance continues to evolve, and new rules from the Office of Science and Technology Policy are expected later this year. Penn State will need to issue more granular policies—ideally with step‐by‐step IT implementation guides. For Windows admins and IT teams, the next milestone may be a technical workshop or a dedicated Teams channel where compliance staff and central IT walk through specific Microsoft 365 configurations for restricted research.

In the meantime, July 23 offers a rare, unfiltered hour with the people whose job it is to keep Penn State research both fearless and federally compliant.