Cybersecurity research boosted

As a House bill that aims to spend $878 million training graduate and doctoral-level cybersecu.rity researchers heads to the Senate, computer industry officials say some of the money ought to be used to train lower-level workers, too.

The Cyber Security Research and Development Act passed on a 400-12 vote Feb. 7 and is expected to be introduced in the Senate in a few weeks.

As written, the House bill would train cybersecurity researchers — "the admirals and generals" of the computer defense corps — but it largely ignores "the foot soldiers" — the computer system administrators and others who oversee networks — according to Thomas Santaniello, public policy manager for the Computer Technology Industry Association (CompTIA).

Jolted by the Sept. 11 terrorist attacks, House Science Committee members said the United States needs much stronger computer security research programs to protect the nation's computer systems from attack.

"Experts tell us that the nation is profoundly at risk from cyber.terrorism," said Rep. Sherwood Boeh.lert (R-N.Y.), sponsor of the act. His bill intends to create "the next generation of cybersecurity researchers" and introduce innovative approaches to computer system security. He concedes that the effort is likely to take years.

"Everyone wants instant results," Boehlert said, "but this committee has to look at the longer range."

More immediate results could be obtained by also providing security training for computer system administrators and others, Santaniello said.

Computer system operators "need a basic, fundamental understanding of security practices. Traditionally, security has not been the highest priority," he said. CompTIA, which represents 9,000 companies and 10,000 technology workers, will ask the Senate to add provisions for security training for "the people who make networks run."

The House version of the bill calls for spending $878 million over five years to support computer and network security research, mainly by doctoral and post.doctoral students studying cyber.security. The money would be split between the National Science Foundation and the National Institute of Standards and Technology (NIST).

Boehlert, who is chairman of the Science Committee, compared the investment to the space research and development boom in the 1950s, sparked in part by the Soviet Union's surprise launch of Sputnik, the first satellite.

U.S. vulnerability to a cyberattack is grave, he said. An attack on computer systems "could knock out electricity, drinking water and sewage systems, financial institutions, assembly lines and communications — just to name a few."

And the danger is growing rapidly, warned Rep. Lamar Smith (R-Texas). The number of computer viruses, attacks by hackers and computer system break-ins doubled in the past year, Smith said. "The demand for expertise in network security, disaster recovery and other cyberdefense skills has never been higher, but the supply of qualified IT professionals falls short," Smith said.

In addition to producing a new crop of computer security experts, the new funding is intended to advance the science of security. At present, "we have few, if any standards as to what constitutes a secure network," said Rep. Connie Morella (R-Md.), "nor do we have generally accepted procedures to evaluate our current systems to upgrade them with the most current security protocols."

NIST, which is located in Morella's district, could create such standards.

The cybersecurity bill sped through the House. It was introduced Dec. 4, 2001, shortly before Congress took a month-long break, and passed less than two weeks after lawmakers reconvened.

That sense of urgency may be lacking in the Senate. "We need to get after the Senate and let them know that we need some action over there," said Rep. Ralph Hall (D-Texas), a cosponsor of the bill.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.