House panel OKs law addressing cyberstandards

Share this article:
A draft bill approved Wednesday by a House subcommittee would require the National Institute of Standards and Technology (NIST) to facilitate U.S. involvement in the creation of international cybersecurity standards.

The proposed Cybersecurity Coordination and Awareness Act, approved Wednesday by the House Subcommittee on Technology and Innovation, would also require NIST to develop and implement a cybersecurity awareness and education program and engage in research and development to improve identity management systems. Also, it would amend the Cybersecurity Research and Development Act to update technical terms.

The proposed legislation was drafted by staff of the House Committee on Science and Technology to implement some of the recommendations in the 60-day Cyberspace Policy Review, a report released this May that outlines the federal government's new approach to securing cyberspace. According to the review, international standards are needed for the investigation and prosecution of cybercrime, the approaches for network defense and response to cyberattacks.

“The Cyberspace Policy Review recommended coordination of U.S. government representation in international cybersecurity technical standards development,” Subcommittee Chairman Rep. David Wu, D-Ore., said in his opening statement Wednesday. “Currently, responsibilities are parsed among different agencies without any consistent policy. A coordinated policy will ensure that these representatives operate with the overarching need of the U.S. infrastructure in mind.”

The proposed legislation would require NIST to coordinate U.S. representation with regard to international cybersecurity standards development and create a plan to engage with international organizations to develop standards.

Currently there are more than a dozen international organizations that develop policies related to cybersecurity including the United Nations, NATO and the International Organization for Standardization (ISO).

As part of the proposed legislation, NIST would also be required to work with federal agencies, industry and educational institutions to create easy-to-understand cybersecurity standards and best practices as part of an awareness program to increase the public understanding of cyberthreats.

Also, NIST would be required to establish a research-and-development program focused on strengthening the security of identity management systems.

The proposed legislation now will move to the full House Committee on Science and Technology.
Share this article:

Sign up to our newsletters

More in News

Firefox 31 plugs critical memory safety bugs

In total, Firefox 31 brings 11 patches for several flaws affecting the web browser.

Android/Simplocker adds tricks, including ransom message in English

Android/Simplocker ransomware now encrypts archive files, asks to be installed as a Device Administrator, and delivers an English-language ransom message.

Wall Street Journal website vulnerable to SQL injection, gets hacked

The Wall Street Journal confirmed on Tuesday that an outside party exploited a vulnerability and hacked into its new graphics systems.