Today, the Department of Commerce’s Internet Policy Task Force issued a Federal Register Notice  requesting comments on the report it published last week entitled “Cybersecurity, Innovations and the Internet Economy”. The task force is seeking further input from Internet stakeholders that will lead to developing an action plan in this important area.

The cybersecurity report published June 8 proposes voluntary codes of conduct to strengthen the cybersecurity of companies that increasingly rely on the Internet to do business, but are not a part of the critical infrastructure sector. The report calls this group the Internet and Information Innovation Sector (I3S). These businesses are increasingly subject to cyber attacks and they range from small and medium enterprises and bricks-and-mortar firms with online services, to social networking sites and Internet-only business, to cloud computing firms.

The Internet Policy Task Force provides 45 questions in the Federal Register Notice to provide a framework to assist in identifying issues related to this group of businesses and the voluntary code of conduct they could develop. Comments are not limited to these questions.

Comment should be sent before midnight on August 1 by email to SecurityGreenPaper@nist.gov with the subject line “Comment of Cybersecurity Green Paper.” Comments will be posted at www.ntia.doc.gov/internetpolicytaskforce.

 

Evelyn Brown

Public Affairs Specialist

Office of Public and Business Affairs

National Institute of Standards and Technology

100 Bureau Drive MS 1070

Gaithersburg, MD 20899-1070

 

Cybersecurity

 

Joe Lieberman is pushing his "Protecting Cyberspace as a Nation Asset Act of 2010."

 

Vice President Wayne Crews argues that cyberspace is not a national asset, and that market competition--not government planning--is the key to improving cybersecurity.

 

"Like everything else in the market, security technologies - from biometric identifiers to firewalls to network monitoring to encrypted databases - advance thanks to aggressive competition. Security is an industry unto itself; let's not turn it into bureaucracy."

 

 

Car Free Day

 

Today (9/22) is World Car Free Day.

 

General Counsel Sam Kazman encourages people to ignore Car Free Day and use their cars.

 

"The automobile has improved the lives of hundreds of millions of people in remarkable ways. It has taken the mobility once reserved for aristocrats and democratized it, immensely expanding the choices that average people have regarding where to live and work. Instead of pushing a misguided political agenda to reduce car use, we should be celebrating automobility."



WASHINGTON, DC — Today, the House of Representatives passed the Cybersecurity Enhancement Act, which included amendments from Congresswoman Carol Shea-Porter.  Shea-Porter, who spoke yesterday on the House floor, offered two amendments, one which will help retain skilled cybersecurity personnel and a second that will add veteran status for consideration for the Federal Cyber Scholarship for Service.

“As our financial institutions and security agencies become increasingly dependent on information technology, it is critical that we have skilled professionals who can thwart emerging cyber threats,” said Congresswoman Shea-Porter. “My amendment will help us retain the professionals we have invested our tax dollars in and will provide them with the tools they need to prevent future cyber attacks.”

The Congresswoman’s first amendment would extend the service obligation for recipients of cybersecurity scholarships on a sliding scale. These degree programs represent serious investments, as does obtaining a security clearance.  This is an investment by the taxpayers, and Shea-Porter’s amendment would allow the federal government to recover it through an extension of service.

Shea-Porter’s other amendment, which she co-authored with Congresswoman Deborah Halvorson from Illinois, would add veteran status as an additional item for consideration when selecting individuals for the Federal Cyber Scholarship for Service. 

“Our veterans who have served our country so admirably should have access to every opportunity,” said Congresswoman Shea-Porter.  “This common sense amendment makes sure that their service is taken into consideration when being selected for the Federal Cyber Scholarship for Service.”

The Cybersecurity Enhancement Act has received wide, bipartisan support and has been endorsed by numerous organizations, including the U.S. Chamber of Commerce, Business Software Alliance, Software and Information Industry Association, National Cable and Telecommunications Association, U.S. Telecom, TechAmerica, and Computing Research Association.  

Following are highlights of some of the bill’s key provisions.

 

Coordinating and Prioritizing Federal Cybersecurity R&D Activities

•  
  Requires the National Science Foundation (NSF), National Institute of Standards and Technology (NIST), and other key federal agencies to develop, update and implement a strategic plan for federal cybersecurity research and development (R&D) activities.
  Requires that the strategic plan be based on an assessment of cybersecurity risk, that it specify and prioritize near-term, mid-term and long-term research objectives, and that it describe how the near-term objectives complement R&D occurring in the private sector.
  Requires the agencies to describe how they will promote innovation, foster technology transfer, and maintain a national infrastructure for the development of secure, reliable, and resilient networking and information technology systems.
  Formally authorizes the NSF Scholarship for Service program, which is designed to ensure a highly-qualified cybersecurity workforce in the federal government.  The program provides grants to institutions of higher education for the award of scholarships to students pursuing undergraduate and graduate degrees in cybersecurity fields and requires subsequent service as a cybersecurity professional in the federal government as a condition of the scholarship.
  Requires the President to issue a report assessing the current and future cybersecurity workforce needs of the federal government.
  Reauthorizes key NSF workforce programs, including NSF graduate student fellowships and NSF graduate student traineeships in cybersecurity.
  Requires NSF to establish a postdoctoral fellowship program in cybersecurity.
  Establishes a university-industry task force to explore mechanisms and models for carrying out public-private research partnerships in the area of cybersecurity.
  Requires NIST to develop and implement a cybersecurity awareness and education program for the dissemination of user-friendly cybersecurity best practices for the general public.
  Requires NIST to develop and implement a plan to coordinate U.S. representation in the development of international cybersecurity technical standards.

 

 

 

Developing a Skilled Cybersecurity Workforce

 

 

 

 

 

Promoting Public-Private Partnerships in Cybersecurity

 

 

Promoting  a Cybersecurity Awareness and Education Program

 

 

International Cybersecurity Technical Standards

 

WASHINGTON, DC — Today, the House of Representatives passed the Cybersecurity Enhancement Act, which included amendments from Congresswoman Carol Shea-Porter.  Shea-Porter, who spoke on the House floor, offered two amendments, one which will help retain skilled cybersecurity personnel and a second that will add veteran status for consideration for the Federal Cyber Scholarship for Service. Both amendments passed by voice vote.  

“As our financial institutions and security agencies become increasingly dependent on information technology, it is critical that we have skilled professionals who can thwart emerging cyber threats,” said Congresswoman Shea-Porter. “My amendment will help us retain the professionals we have invested our tax dollars in and will provide them with the tools they need to prevent future cyber attacks.”

The Congresswoman’s first amendment would extend the service obligation for recipients of cybersecurity scholarships on a sliding scale. These degree programs represent serious investments, as does obtaining a security clearance.  This is an investment by the taxpayers, and Shea-Porter’s amendment would allow the federal government to recover it through an extension of service.

Shea-Porter’s other amendment would add veteran status as an additional item for consideration when selecting individuals for the Federal Cyber Scholarship for Service. 

“Our veterans who have served our country so admirably should have access to every opportunity,” said Congresswoman Shea-Porter.  “This common sense amendment makes sure that their service is taken into consideration when being selected for the Federal Cyber Scholarship for Service.”

The Cybersecurity Enhancement Act has received wide, bipartisan support and has been endorsed by numerous organizations, including the U.S. Chamber of Commerce, Business Software Alliance, Software and Information Industry Association, National Cable and Telecommunications Association, U.S. Telecom, TechAmerica, and Computing Research Association.  

Following are highlights of some of the bill’s key provisions.

 

Coordinating and Prioritizing Federal Cybersecurity R&D Activities 

·       Requires the National Science Foundation (NSF), National Institute of Standards and Technology (NIST), and other key federal agencies to develop, update and implement a strategic plan for federal cybersecurity research and development (R&D) activities.

 

·       Requires that the strategic plan be based on an assessment of cybersecurity risk, that it specify and prioritize near-term, mid-term and long-term research objectives, and that it describe how the near-term objectives complement R&D occurring in the private sector.

 

·       Requires the agencies to describe how they will promote innovation, foster technology transfer, and maintain a national infrastructure for the development of secure, reliable, and resilient networking and information technology systems.

 

Developing a Skilled Cybersecurity Workforce

 

·       Formally authorizes the NSF Scholarship for Service program, which is designed to ensure a highly-qualified cybersecurity workforce in the federal government.  The program provides grants to institutions of higher education for the award of scholarships to students pursuing undergraduate and graduate degrees in cybersecurity fields and requires subsequent service as a cybersecurity professional in the federal government as a condition of the scholarship.

 

·       Requires the President to issue a report assessing the current and future cybersecurity workforce needs of the federal government.

 

·       Reauthorizes key NSF workforce programs, including NSF graduate student fellowships and NSF graduate student traineeships in cybersecurity.

 

·       Requires NSF to establish a postdoctoral fellowship program in cybersecurity.

 

Promoting Public-Private Partnerships in Cybersecurity

 

·       Establishes a university-industry task force to explore mechanisms and models for carrying out public-private research partnerships in the area of cybersecurity.

 

Promoting  a Cybersecurity Awareness and Education Program

 

·       Requires NIST to develop and implement a cybersecurity awareness and education program for the dissemination of user-friendly cybersecurity best practices for the general public.

 

International Cybersecurity Technical Standards

 

·       Requires NIST to develop and implement a plan to coordinate U.S. representation in the development of international cybersecurity technical standards.