House OKs cybersecurity bill

Warning that the nation's computer systems are "profoundly at risk" for cyberattacks, members of the House Science Committee applauded the Feb. 7 passage of legislation that would pump $878 million into computer security education and research.

The House approved the bill on a vote of 400 to 12. It has yet to go to the Senate.

The sponsors of the Cyber Security Research and Development Act conceded that it will take years for the spending they propose to produce trained security personnel or new security products.

The money would be split between the National Science Foundation and the National Institute of Standards and Technology. The two federal agencies would use the money to sponsor computer and network security research and to fund doctoral and post-doctoral students studying cybersecurity.

Rep. Sherwood Boehlert (R-N.Y.), who is chairman of the Science Committee, said the legislation could mark "a fundamental turning point in the nation's approach to cybersecurity." He compared it to legislation passed in the 1950s after the Soviet Union beat the United States in the space race by launching the first satellite, Sputnik.

The danger posed by a cyberattack on the United States is grave, he said. "A cyberattack could knock out electricity, drinking water and sewage systems, financial institutions, assembly lines and communications — just to name a few."

The danger is growing rapidly, warned Rep. Lamar Smith (R-Texas). The number of computer viruses, attacks by hackers and computer system break-ins doubled in the past year, he said.

"The demand for expertise in network security, disaster recovery and other cyberdefense skills has never been higher, but the supply of qualified [information technology] professionals falls short," Smith said.

The bill won't address the immediate shortage, however. It is aimed at producing "a new generation of cyber warriors," Smith said.

"Everyone wants instant results," Boehlert said, "but this committee has to look at the longer range."

Funding in the cybersecurity act also is intended to advance the science of security. "We have few, if any, standards as to what constitutes a secure network," said Rep. Connie Morella (R-Md.). "Nor do we have generally accepted procedures to evaluate our current systems to upgrade them with the most current security protocols."

It could be a task for NIST, which is in Morella's district, to create such standards.

The most immediate task, however, is to prod the Senate to also pass the bill, said Rep. Ralph Hall (D-Texas). "We need to get after the Senate and let them know that we need some action over there," he said.

The bill sped through the House. It was introduced Dec. 4, 2001, shortly before Congress took a month-long break, and passed less than two weeks after lawmakers reconvened.

Featured

  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.