House passes update to infosec bill

Computer Security Enhancement Act

The House passed a bill Tuesday night to update a 13-year-old law regulating

federal information security requirements.

The Computer Security Enhancement Act of 1999, sponsored by Rep. F.

James Sensenbrenner Jr. (R-Wis.), amends the roles, responsibilities and

authority of the National Institute of Standards and Technology to oversee

federal agencies' information security practices and technology.

This is the second version of the bill, which members of the House Science

Committee, such as Sensenbrenner and Rep. Connie Morella (R-Md.), have introduced

but failed to get through the Senate since 1997.

The bill would solidify NIST's position as a lead agency for advising

federal agencies on security matters. It reiterates support for NIST's work

to evaluate commercial security products and practices for use in agencies

and also its work to develop guidelines and standards.

Reflecting the changes in technology since the original Computer Security

Act, the new bill focuses more on networked systems than the standalone

environment used at the time — 1987. The bill also has sections about new

authentication technologies, such as electronic signatures, while staying

as technology-neutral as possible.

The bill is now at the Senate, where it likely has only days to pass

before Congress adjourns. Should it not pass, its sponsors will have to

reintroduce it again during the 107th Congress.

Featured

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.