House panel OKs law addressing cyberstandards

Share this article:
A draft bill approved Wednesday by a House subcommittee would require the National Institute of Standards and Technology (NIST) to facilitate U.S. involvement in the creation of international cybersecurity standards.

The proposed Cybersecurity Coordination and Awareness Act, approved Wednesday by the House Subcommittee on Technology and Innovation, would also require NIST to develop and implement a cybersecurity awareness and education program and engage in research and development to improve identity management systems. Also, it would amend the Cybersecurity Research and Development Act to update technical terms.

The proposed legislation was drafted by staff of the House Committee on Science and Technology to implement some of the recommendations in the 60-day Cyberspace Policy Review, a report released this May that outlines the federal government's new approach to securing cyberspace. According to the review, international standards are needed for the investigation and prosecution of cybercrime, the approaches for network defense and response to cyberattacks.

“The Cyberspace Policy Review recommended coordination of U.S. government representation in international cybersecurity technical standards development,” Subcommittee Chairman Rep. David Wu, D-Ore., said in his opening statement Wednesday. “Currently, responsibilities are parsed among different agencies without any consistent policy. A coordinated policy will ensure that these representatives operate with the overarching need of the U.S. infrastructure in mind.”

The proposed legislation would require NIST to coordinate U.S. representation with regard to international cybersecurity standards development and create a plan to engage with international organizations to develop standards.

Currently there are more than a dozen international organizations that develop policies related to cybersecurity including the United Nations, NATO and the International Organization for Standardization (ISO).

As part of the proposed legislation, NIST would also be required to work with federal agencies, industry and educational institutions to create easy-to-understand cybersecurity standards and best practices as part of an awareness program to increase the public understanding of cyberthreats.

Also, NIST would be required to establish a research-and-development program focused on strengthening the security of identity management systems.

The proposed legislation now will move to the full House Committee on Science and Technology.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.