House passes new cybersecurity legislation

Today the U.S. House of Representatives voted nearly unanimously (422-5) to pass the Cybersecurity Enhancement Act of 2009, which becomes the first and only bill actually passed among the many security-related bills under consideration in both houses of Congress. Key provisions in the new legislation include:

  • Increased coordination of cybersecurity research and development efforts through a National Coordination Office for the Networking and Information Technology Research and Development, which would be tasked with producing a strategic plan for cybersecurity research and development;
  • Significant increases in the amount (rising to $90 million in fiscal 2014) of annual research funding for computer and network security research grants administered by the National Science Foundation;
  • The creation of a federal Cyber Scholarship for Service Program, which would pay for two years of educational studies towards a bachelor’s or master’s degree and three years towards a doctoral degree in “a cybersecurity field, ” conditioned on scholarship recipients serving in the government for as many years as they received the scholarship;
  • Directing NIST to advance cybersecurity technical standards through means including representing the U.S. government in international technical development of cybersecurity standards; promoting cybersecurity awareness and education; and creating a dedicated research program related to identity management.