House passes update to infosec bill
- By Diane Frank
- Oct 26, 2000
Computer Security Enhancement Act
The House passed a bill Tuesday night to update a 13-year-old law regulating
federal information security requirements.
The Computer Security Enhancement Act of 1999, sponsored by Rep. F.
James Sensenbrenner Jr. (R-Wis.), amends the roles, responsibilities and
authority of the National Institute of Standards and Technology to oversee
federal agencies' information security practices and technology.
This is the second version of the bill, which members of the House Science
Committee, such as Sensenbrenner and Rep. Connie Morella (R-Md.), have introduced
but failed to get through the Senate since 1997.
The bill would solidify NIST's position as a lead agency for advising
federal agencies on security matters. It reiterates support for NIST's work
to evaluate commercial security products and practices for use in agencies
and also its work to develop guidelines and standards.
Reflecting the changes in technology since the original Computer Security
Act, the new bill focuses more on networked systems than the standalone
environment used at the time — 1987. The bill also has sections about new
authentication technologies, such as electronic signatures, while staying
as technology-neutral as possible.
The bill is now at the Senate, where it likely has only days to pass
before Congress adjourns. Should it not pass, its sponsors will have to
reintroduce it again during the 107th Congress.