The U.S. House of Representatives is scheduled to vote Wednesday on a proposed bill that is designed to bolster federal cybersecurity research and development activities, and stimulate the growth of a cybersecurity workforce in the country.
The bill is called the Cybersecurity Enhancement Act of 2009 (HR 4061) and was introduced by Rep. Daniel Lipinski (D-IL) last year. It was passed by the House Science and Technology Committee last November. The bill is the first major cybersecurity legislation to come up for consideration before the 111th Congress.
If passed, the bill would reauthorize several cybersecurity grant program the National Science Foundation (NSF). The NSF will get up to $396 million over the next four years to fund research and development programs that are focused on cybersecurity.
The bill also sets aside another $94 million in scholarships over the same period for students who pursue cybersecurity studies, so long as they commit to the public sector after graduating. In addition, about another $120 million will be available to the NSF for funding activities related to improving cybersecurity, including constructing research facilities and offering training programs in colleges and universities.
The bill would require the National Institute of Standards and Technology (NIST) to work with other standards bodies to develop internationally accepted cybersecurity standards. It also charges NIST with creating and promoting public awareness of IT security, and best practices campaigns in conjunction with relevant federal agencies, industry and educational institutions. It calls on NIST to work on developing standards for better interoperability between identity management and user authentication systems.
If passed, HR 4061 would require federal agencies to conducted a detailed assessment of their cybersecurity risks, and develop a strategic research and development plan for addressing those risks.
Each plan would need to specify near-term, mid-term and long-term objectives and estimate the funding required to meet those objectives. The plans would also need to detail any complimentary research activity that may be going on in the private sector and describe how the R&D work can be used to create new cybersecurity technologies and services.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, send e-mail to firstname.lastname@example.org or subscribe to Jaikumar's RSS feed .