The cyber­se­cu­rity threat rep­re­sents one of the nation’s most serious eco­nomic and national secu­rity chal­lenges, said Stephen Flynn, the founding co-​​director of Northeastern’s George J. Kostas Research Insti­tute for Home­land Security, in a hearing on Tuesday after­noon in Wash­ington, D.C.

Our posi­tion as the world’s dom­i­nant eco­nomic power can be attrib­uted in no small part to the speed at which Amer­i­cans have devel­oped and embraced infor­ma­tion tech­nology sys­tems and appli­ca­tions,” he explained. “But while we have been leading and ben­e­fiting from the infor­ma­tion age, there has been too little con­sid­er­a­tion to the secu­rity impli­ca­tions of our growing reliance on infor­ma­tion technologies.”

Flynn addressed mem­bers of the Home­land Security’s Sub­com­mittee on Over­sight, Inves­ti­ga­tions, and Man­age­ment in a hearing enti­tled “America is Under Cyber Attack: Why Urgent Action is Needed.” The hearing dove­tailed with Northeastern’s focus on use-​​inspired research that solves global chal­lenges in health, secu­rity and sustainability.

Later this week, the U.S. House of Rep­re­sen­ta­tives is slated to vote on four cyber­se­cu­rity bills, which, if enacted into law, would facil­i­tate the sharing of infor­ma­tion on online threats between gov­ern­ment and industry. Con­gressman Bill Keating (D-​​MA), who invited Flynn to tes­tify, has been trying to include lan­guage in one of the cyber­se­cu­rity bills that would enhance the role of uni­ver­si­ties in researching and preparing for attacks.

Other wit­nesses who spoke at the hearing included Shawn Henry, the former exec­u­tive assis­tant director of the crim­inal, cyber, response and ser­vices branch of the FBI; James Lewis, the director of the tech­nology and public-​​policy pro­gram for the Center for Strategic and Inter­na­tional Studies; Stuart McClure, the chief tech­nology officer for McAfee; and Gre­gory Wilshusen, the director of infor­ma­tion secu­rity issues for the Gov­ern­ment Account­ability Office.

Rep. Michael McCaul (R-​​TX), chairman of the sub­com­mittee, out­lined the threat posed by poten­tial cyber attacks, which, he said, could result in pipeline explo­sions, train derail­ments and nation­wide blackouts.

Unfor­tu­nately, this is not a sci­ence fic­tion sce­nario, “he said. “There are no shells exploding or for­eign mil­i­taries on our shores, but make no mis­take, America is under attack by dig­ital bomb.”

Flynn called on Amer­ican uni­ver­si­ties and aca­d­emic insti­tu­tions to become full-​​fledged cyber­se­cu­rity part­ners with both the public and pri­vate sec­tors. He noted that the fed­eral gov­ern­ment has yet to fully uti­lize both the cyber­se­cu­rity resources and exper­tise uni­ver­si­ties like North­eastern offer, adding that uni­ver­si­ties can also serve as an honest broker between public and pri­vate enti­ties in tack­ling cyber threats and challenges.

North­eastern is devel­oping inno­v­a­tive national cyber-​​defense research and solu­tions through work at the Kostas Research Insti­tute, the ALERT (Aware­ness and Local­iza­tion of Explosives-​​​​Related Threats) Center —a multi​university Depart­ment of Home­land Secu­rity Center of Excel­lence — and its Insti­tute for Infor­ma­tion Assur­ance.

Uni­ver­si­ties can pro­vide the public sector with exper­tise that gov­ern­ment policy makers and offi­cials need to keep up with the rapid pace and growing com­plexity of infor­ma­tion tech­nolo­gies and appli­ca­tions,” Flynn said.

In March, a team of North­eastern experts led a con­gres­sional briefing in Wash­ington on the evolving cyber­se­cu­rity threat to con­sumers, industry and gov­ern­ment. The con­tin­gent included Flynn; Mel Bern­stein, senior vice provost for research and grad­uate edu­ca­tion; William Robertson, assis­tant pro­fessor in the Col­lege of Com­puter and Infor­ma­tion Sci­ence and the Depart­ment of Elec­trical Engi­neering; and Engin Kirda, the Sy and Laurie Stern­berg Asso­ciate Pro­fessor of Infor­ma­tion Assur­ance in the Col­lege of Com­puter and Infor­ma­tion Sci­ence and the Depart­ment of Elec­trical and Com­puter Engineering.

The Internet itself has become a crit­ical infra­struc­ture,” Kirda said at the briefing. “Research can play a big role in devel­oping auto­mated approaches to detect and mit­i­gate attacks.”