Senate passes cyber R&D funding

S. 2182 Cyber Security Research and Development Act

The Senate on Oct. 16 passed a bill that will provide more than $900 million over five years to cybersecurity research and development, an investment that is "essential" to ensuring the security of future networks and services, experts said.

The full Senate passed the Cyber Security Research and Development Act (S. 2182), which authorizes funding for new research and grants programs through the National Institute of Standards and Technology and the National Science Foundation.

Those programs will address matters ranging from basic security infrastructure research to scholarships for new cybersecurity experts.

"In the long run, all government and private-sector cybersecurity efforts depend on people — trained experts with the knowledge and skills to develop innovative solutions and respond creatively and proactively to evolving threats," Sen. Ron Wyden (D-Ore.), sponsor of the Senate bill, said in a statement during debate on the bill.

With the congressional session winding down, the bill's supporters made it clear that they believe the programs it creates cannot afford to wait.

"The stakes are high, and you can bet that hackers and cyberterrorists won't stand still, so, it is important to launch these new cybersecurity research programs as soon as possible," Sen. John Edwards (D-N.C.) said on the floor.

Rep. Sherwood Boehlert (R.-N.Y.), co-sponsor of the House version of the bill (H.R. 3394) and chairman of the House Science Committee, applauded the Senate's action.

Even industry, which often expressed concerns about the talk of potential security technology standards, praised the Senate for passing the bill.

"The funding this bill earmarks is critical to increasing cybersecurity research, to building a larger base of information security professionals, and to improving information sharing and collaboration among industry, government and academic research project," said Harris Miller, president of the Information Technology Association of America.

There are several minor differences between the Senate and House versions of the bill. The House must approve those differences, and then the bill will be sent to President Bush to sign.

The changes in the Senate bill include:

* Make the language compatible with the Department of Homeland Security Act.

* Create a program to train existing faculty to teach college-level cybersecurity courses.

* Direct NIST to develop checklists for federal agencies outlining security configurations.