Cybersecurity R&D Bill Aims to Unify Federal Efforts
Federal agencies would have a year to create a plan to guide federal cybersecurity research efforts, under a bill approved Wednesday by the Research and Science Education Subcommittee of the House Science and Technology Committee. Chairman Dan Lipinski, D-Ill., and Ranking Member Vernon Ehlers, R-Mich., expressed support for the Cybersecurity Research and Development Act.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
The bill would direct the National Science Foundation to include social and behavioral considerations, “including human- computer interactions, usability, user motivations, and organizational cultures,” in its cybersecurity research. And it would add identity management to the research areas that the NSF supports.
The bill takes up concerns raised in a series of cybersecurity research and development hearings, Lipinski said. Witnesses told the subcommittee that the federal portfolio needs to be better coordinated, federal-private partnerships need to be improved and the IT work force needs to be better developed, he said. The bill “will ensure an overall vision and an implementation plan for the federal cybersecurity R&D portfolio and will train the next generation of cybersecurity professionals,” Lipinski said. Ehlers said it’s “downright frightening to realize what damage can be done through cybersecurity attacks.” Security will continue to become more difficult to manage as society relies more on virtual information and services, he said, so creating a safe infrastructure is a must.
The cybersecurity R&D plan that agencies must create should specify and prioritize near-term, medium-term and long-term research objectives, the bill says. The plan should describe how it will focus on “innovative, transformational technologies” and how it will smooth the transfer of research to actual products “for the benefit of society and the national interest.” The agencies must also create an “implementation roadmap” that will specify each agency’s role, the funding for each major research objective and expected necessary funding for the next three years.
The bill also would re-authorize and create scholarship and fellowship programs for cybersecurity training to encourage more study. Ehlers said he hadn’t realized how bad the problem was until a professor pointed out that computer science enrollments are down. The president would have to develop a report on the government’s cybersecurity workforce needs. A university- industry task force would look at how collaborative research could be carried out. Rep. Eddie Bernice Johnson, D-Texas, successfully offered an amendment to encourage women and minorities to enter the field.