House Committee OK's Cybersecurity Enhancement ActUnanimous Vote Sends Legislation to House Floor
If enacted, HR 2096 would require increased coordination and prioritization of federal cybersecurity R&D activities and the development and advancement of cybersecurity technical standards. The measure also would strengthen cybersecurity education and talent development and industry partnership initiatives.
Rep. Mike McCaul, the Texas Republican sponsor of the measure, emphasized the need to bolster cybersecurity education. "We are not prepared to meet the threats of the 21st century; one reason is because we do not have a workforce readily available," he said.
Republicans rushed the bill through the committee, skipping the usual process of holding a hearing on the measure and then having a subcommittee markup the bill, which was done at the committee level Thursday. Despite bipartisan support, some Democrats expressed exasperation with the process' speed. "The truth is that the field of cybersecurity is rapidly evolving and two years in this field is equivalent to a lifetime in many other fields," said Rep. Eddie Bernice Johnson of Texas, the ranking Democrat on the committee. "The fact that we are rushing this bill through the committee is preventing us from adequately and effectively doing our due diligence to ensure that it is as current as it can and should be."
During the committee markup, Rep. David Wu, D-Ore., offered an amendment to authorize the National Institute of Standards and Technology to convene a group that would include businesses and consumer group to develop voluntary consensus standards and code of conduct to be used by the private sector on the Internet. Wu withdrew the amendment at the request of the committee chairman; a similar provision could resurface when the entire House considers the bill.
On a party-line vote, the panel rejected an amendment offered by Paul Tonko, D-N.Y., that would have assured funding for some programs in the bill, but Republicans balked at committing Congress to additional spending beyond what already has been appropriated.
The House passed a similar bill in the last Congress (see House Passes Cybersecurity Enhancement Act), but it never came up for a vote in the Senate. In June, Sen. Robert Menendez, D-N.J., introduced the Senate version of the bill, which is in committee (see Congress Resurrects the Cybersecurity Enhancement Act).
Among the bill's provisions:
- Give the National Institutes of Standards and Technology the authority to set security standards for federal computer systems and develop cybersecurity standards for agencies to follow.
- Create a task force to coordinate research and development efforts between the federal government, universities and the private sector.
- Establish cybersecurity research and development grant programs. Create scholarship programs at National Science Foundation that can be repaid with federal service.
- Require the president to conduct an assessment of cybersecurity workforce needs across the federal government.
"This is a good bill, and it represents an important step in Congress's overall efforts to address cybersecurity issues," said Committee Chairman Ralph Hall, R-Texas.