"It's one that many of us have been warning about for nearly three decades," he said. "The problems have been anticipated and seen in advance. Unfortunately, none of the warnings have been taken seriously, particularly by government."
Instead of addressing problems proactively, many government agencies and private companies have been fixing cybersecurity problems after they have happened, Spafford added.
In some cases, universities have competed against each other for limited cybersecurity research dollars, Spafford said. He called the new consortium a "wonderful" opportunity for cybersecurity researchers to work together.