Bill pushes security, but no money so far
- By Diane Frank
- Dec 01, 2002
A new bill awaiting President Bush's approval heralds the importance of cybersecurity, but the funds to bolster security education and research are yet to come.
The Cyber Security Research and Development Act (H.R. 3394) of 2002 is expected to kick-start the education and research support structure that has long been lacking in the security world.
The act would provide $903 million for grants and scholarships through the National Science Foundation and the National Institute of Standards and Technology, among other things. While the bill is expected to become law, there will still be a battle for the money that it authorizes.
The bill is being hailed by agencies, academia and industry as the best way to encourage long-term, focused information security research and, in turn, encourage students and professors to seek careers in the information security field.
Without the money authorized for programs at NSF and NIST, the push to increase security proficiency in the United States will not be as effective, according to security experts.
But talks are already under way, said Rep. Sherwood Boehlert (R-N.Y.), chairman of the House Science Committee and a co-sponsor of the bill.
"We are engaged in conversations with the appropriators, and we are bringing [the bill] to their attention," he said.
The bill's sponsors are checking with White House staff — particularly at the Office of Management and Budget — to make sure the funding requests are included in the president's budgets.
Officials will be "unyielding" in their efforts to make sure that actual money follows the bill, but the private sector, because of its power as a lobbying force, also has a large role to play in this fight, Boehlert said.
The Information Technology Association of America, which supports the bill, has already been working on the funding issue with appropriations committee staff members and White House officials, said Harris Miller, president of the Arlington, Va.-based industry group.
Even if the bill gets funding, research and education do not turn out immediate results. "It's not a quick-fix bill. It's a bill to build the human and intellectual capital in the long run," according to William Wulf, president of the National Academy of Engineering.
However, "the sooner we make that funding available, the sooner we create that pipeline of trained professionals," said Rep. Brian Baird (D-Wash.), a co-sponsor of the bill.
Follow the money
The Cyber Security Research and Development Act authorizes $903 million during the next five years for several internal and grants-based federal security programs, such as:
* National Science Foundation research grants: $233 million.
* NSF graduate scholarships: $90 million.
* NSF faculty development scholarships: $25 million.
* National Institute of Standards and Technology research program: $275 million.
Source: House Science Committee