Mobile Menu - OpenMobile Menu - Closed

Subcommittee Approves Cybersecurity Coordination and Awareness Act

Nov 4, 2009
Press Release
(Washington, DC) Today, the Committee on Science and Technology’s Subcommittee on Technology and Innovation approved a Committee print of the Cybersecurity Coordination and Awareness Act.

“Twenty-two years ago, this Committee paved the way for federal cybersecurity efforts with the Computer Security Act of 1987, which charged NIST with developing technical standards to protect non-classified information on federal computer systems and was the first of 13 major laws related to cybersecurity,” stated Subcommittee Chairman David Wu (D-OR).

The Cybersecurity Coordination and Awareness Act requires the National Institute of Standards and Technology (NIST) to: develop and implement a plan to ensure coordination within the U.S. government with regard to the development of international cybersecurity technical standards; develop and implement a cybersecurity awareness and education program; and engage in research and development (R&D) to improve identity management systems. Lastly, this Committee print amends the Cybersecurity R&D Act of 2002 (PL 107-305) to update technical terms to reflect the extant technologies and networked systems.
The Committee print implements recommendations made in the Administration’s Cyberspace Policy Review and during witness testimony in the T&I Subcommittee hearing, Cybersecurity Activities at NIST’s Information Technology Laboratory, on October 22, 2009.  
“The Cyberspace Policy Review recommended coordination of U.S. government representation in international cybersecurity technical standards development. The convergence of telecommunication, internet, and video devices requires a corresponding convergence in cybersecurity technical standards development. A coordinated policy will ensure that these representatives operate with the overarching need of the U.S. infrastructure in mind,” added Wu. “Two weeks ago, witnesses testified in front of this Subcommittee that NIST is suited for the role of coordinator due to its extensive technical expertise, established relationships with international bodies, and existence as a non-regulatory body, so today’s print tasks NIST with developing and implementing a cybersecurity coordination plan.” 
The Committee approved a manager’s amendment from Subcommittee Chairman Wu
“The manager’s amendment, which we worked with the Minority to develop, notably makes explicit the inclusion of health information technology systems as part of NIST’s work on identity management research and standards development,” said Wu. “As we work to increase adoption of health IT in our medical system, it is important to recognize that the increased digitization and sharing of records must be accompanied by adequate privacy safeguards. Ensuring that we advance technologies and methods used to protect privacy should be central to NIST’s work in health IT.”
This year the Committee has held four hearings on cybersecurity. In September, the Research and Science Education Subcommittee passed a related Committee print, the Cybersecurity Research and Development Amendments Act of 2009.
For more information, including on the Committee’s work on cybersecurity, please see the Committee’s website.




111th Congress