Although many technology news stories about cybercrime focus on the dangers to consumers or threats to privacy and financial accounts, cybersecurity is an issue across sectors.
This is seen vividly in the research and development done by U.S. research universities. The rise in cybersecurity concerns and the global reach of potential cyberespionage and cybercrime has potentially severe consequences for R&D in universities and for the security and business strategy of organizations who use that research.
R&D activities can be very attractive to countries that want cutting-edge research ideas to use or to modify for their own uses and to give them a leading advantage. Those activities can also be very attractive to other, extra-nation actors.
R&D needs to strike a balance between open exchange and cybersecurity.
Increasing Concern With Attempts
As the industry publication Education Dive points out, an April congressional hearing called “Scholars or Spies: Foreign Plots Targeting America’s Research and Development” and co-chaired by the House Subcommittee on Oversight and Research and Technology and the Committee on Science, Space, and Technology shone a light on government concerns about R&D security.
The hearing prompted a joint statement from the American Council on Education, the Council on Government Relations, the Association of American Universities (AAU), and the Association of Public and Land-Grant Universities reiterating their cognizance of security challenges and vulnerabilities — and reiterating their commitment to contributions to homeland security and U.S. defense abroad.
As a result, researchers and higher education officials are taking a look at how R&D is being impacted and what should be done about potential concerns. Recently, the AAU and The Science Coalition hosted an event for university research administrators to discuss these and related concerns.
A Balance Between Open Exchange and Security
University administrators sounded one major theme: there needs to be attention paid both to open exchange of information and ensuring appropriate security protocols when dealing with foreign nations.
All agreed that universities and the government have common interests in ensuring that intellectual property, proprietary data, and other classified information are not available to be stolen, used, or spied upon.
Some participants focused on the need for the government and universities to work together on the issue. Some pointed out that a key collaborative effort, the FBI’s National Security Higher Education Board (NSHEB), was ended in February. It provided a mechanism for college administrators and security personnel to communicate.
Others focused more on the need for university personnel to obey security protocols, such as keeping one computer for use in foreign countries like China, apparently so not all of a given researcher’s files were vulnerable. Others called for adherence to basic security protocols.
Still, others focused on the potential damage of putting a damper on the open exchange between scholars globally. One of these participants, from the University of Oregon, called for more R&D focusing on competing with China, rather than focusing on cyber threats from that country. These participants felt that the best way to rise to the challenge of potential foreign competition was to move rapidly to the marketplace, where products stemming from R&D can be purchased in an open marketplace rather than preyed upon while still in the research stage.
As the U.S. moves forward in developing and adhering to basic security protocols, the consequences of cybersecurity issues for R&D will play a role in how security challenges and vulnerabilities are addressed.