House passes $880 million computer security bill

The House of Representatives Feb. 7 overwhelmingly approved a bill that offers $880 million in funding to government agencies for researching ways to improve U.S. computer and network security.

The House voted 400-12 in favor of H.R. 3394, the Cyber Security Research and Development Act, sponsored by Science Committee Chairman Sherwood Boehlert, R-N.Y.

The $880 million would be split between the National Science Foundation and the National Institute of Standards and Technology for use in cybersecurity research efforts.

"Security has to mean more than locking doors and installing metal detectors," said Rep. Brian Baird, D-Wash., speaking in support of the bill, which contains language he sponsored. "The virtual systems that are vital to our nation's economy must be protected."

Rep. Vernon Ehlers, R-Mich., said the bill will help the United States defend its critical infrastructure systems not only against rogue "hackers and thieves," but against hostile nations using technology against the country.

Rep. Robert Goodlatte, R-Va., noted the legislation also will create more jobs in the cybersecurity field.

Science Committee spokeswoman Heidi Tringe earlier this week said committee members are working with senators to develop a companion bill, though H.R. 3394 now will be referred to the Senate for consideration.

Under the House legislation, the funds earmarked for the NSF would be distributed in grants for cybersecurity research projects and cash incentives to universities and other institutions to develop private computer-security research centers.

The portion of the funds allotted to NIST would be earmarked for long-term "high-risk" cybersecurity research.

Speaking in support of the bill, Information Technology Association of America President Harris Miller said, "We're very strongly supportive of what Chairman Boehlert is doing. Information security simply has not had the focus in the past."

In a statement Feb. 7, Miller said the bill takes a "longer-term approach to cybersecurity." He also said it is critical for Congress to fund, at least at a minimum, the president's budget request for a 60 percent increase in IT security spending in the fiscal 2003 budget for the government's own inadequately protected systems.

Bob Kramer, vice president of public policy at the Computing Technology Industry Association, said in a statement, "Clearly, as America has become IT-dependent, it has also become increasingly IT-vulnerable. Last year, U.S. businesses spent approximately $12 billion dollars to combat computer viruses. At the same time, according to industry reports, cybersecurity incidents saw a 200 percent increase."

Kramer, echoing Goodlatte's comment, said the bill would provide for more cybersecurity "foot soldiers."

The Business Software Alliance also signaled its support of the bill. "While we cannot fully know the threats of tomorrow, we must do what we can to prepare for them through well-planned basic cybersecurity [research and development] carried out in close partnership with industry," said BSA Chief Executive Robert Holleyman.

The Computing Research Association also lauded the bill, saying it represents the "right approach" to cybersecurity.

Reported by Newsbytes.com (www.newsbytes.com).