HR 4061 would provide up to $396 million in research grants over the next four years to develop best practices and standards to protect computer networks.
This story was updated on February 4.
The U.S. House of Representatives has passed its first major cybersecurity bill, following a warning earlier this week from a top intelligence official that U.S. critical infrastructure is vulnerable to serious threats.
The Cybersecurity Enhancement Act of 2009 (HR 4061), introduced by Rep. Daniel Lipinski (D-IL) last year and passed by the House Science and Technology Committee, would fund research and development for a comprehensive cybersecurity plan that would involve the cooperation of several federal agencies. The House passed HR 4061 today by a vote of 422 to 5.
HR 4061 reauthorizes several National Science Foundation programs and provides up to $396 million in research grants over the next four years for work on cybersecurity. The bill also calls for $94 million to go toward scholarships for students who pursue this field of study.
HR 4061 would require the National Institute of Standards and Technology to establish a cybersecurity awareness program and implement standards for managing personal information stored on computer system. And it calls for the establishment of a national task force of academic and industry experts to advise the Office of Science and Technology Policy on cybersecurity issues.
Cybersecurity is a major priority for the Obama Administration, which requested $866 million to protect networks and data in its recently announced fiscal 2011 budget. That figure is slightly less than what was allocated in 2010 for cybersecurity.
In prepared remarks before the Senate Intelligence Committee on Feb. 2, Dennis C. Blair, Director of National Intelligence, highlighted the administration's investment in cybersecurity, calling a recent cyber attack on Google a "wake-up call" to people who are not taking the problem seriously.
Technology companies and industry groups will be watching the progress of HR 4061 closely. Both the Business Software Alliance and TechAmerica have urged support of the bill, the latter calling passage of the legislation a step that would "help improve our Nation's cybersecurity posture for the future."
Nathaniel Zimmer, a spokesman for Rep. Lipinski's office, said Sen. John Rockefeller's (D-W.Virginia) Cybersecurity Act of 2009, or Senate Bill 773, has some elements of the House bill, but is a broader piece of legislation.
A source familiar with HR 4061 and House procedures said that for it to make it to the Senate, the Homeland Security Committee and other House committees that deal with issues of cybersecurity would likely have to pass their own bills taking up similar issues. Those would then be joined with HR 4061, and that package then could be joined with Senate Bill 773 for approval in the Senate.
Zimmer said the fact that cybersecurity is a front-burner issue bodes well for the progress of HR 4061 and other cybersecurity legislation. "People are paying a lot of attention to it," he said. "Hopefully it's something that happens sooner rather than later."
InformationWeek has published a look at the technical and political ramifications of Google's problems in China. Download the report here (registration required).
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.