House panel OKs law addressing cyberstandards

Share this article:
A draft bill approved Wednesday by a House subcommittee would require the National Institute of Standards and Technology (NIST) to facilitate U.S. involvement in the creation of international cybersecurity standards.

The proposed Cybersecurity Coordination and Awareness Act, approved Wednesday by the House Subcommittee on Technology and Innovation, would also require NIST to develop and implement a cybersecurity awareness and education program and engage in research and development to improve identity management systems. Also, it would amend the Cybersecurity Research and Development Act to update technical terms.

The proposed legislation was drafted by staff of the House Committee on Science and Technology to implement some of the recommendations in the 60-day Cyberspace Policy Review, a report released this May that outlines the federal government's new approach to securing cyberspace. According to the review, international standards are needed for the investigation and prosecution of cybercrime, the approaches for network defense and response to cyberattacks.

“The Cyberspace Policy Review recommended coordination of U.S. government representation in international cybersecurity technical standards development,” Subcommittee Chairman Rep. David Wu, D-Ore., said in his opening statement Wednesday. “Currently, responsibilities are parsed among different agencies without any consistent policy. A coordinated policy will ensure that these representatives operate with the overarching need of the U.S. infrastructure in mind.”

The proposed legislation would require NIST to coordinate U.S. representation with regard to international cybersecurity standards development and create a plan to engage with international organizations to develop standards.

Currently there are more than a dozen international organizations that develop policies related to cybersecurity including the United Nations, NATO and the International Organization for Standardization (ISO).

As part of the proposed legislation, NIST would also be required to work with federal agencies, industry and educational institutions to create easy-to-understand cybersecurity standards and best practices as part of an awareness program to increase the public understanding of cyberthreats.

Also, NIST would be required to establish a research-and-development program focused on strengthening the security of identity management systems.

The proposed legislation now will move to the full House Committee on Science and Technology.
Share this article:

Sign up to our newsletters

More in News

ICO fines U.K. travel firm £150,000 for 2012 breach

Data on more than one million credit and debit cards was pilfered in the 2012 breach of a system Think W3 Limited.

Firefox 32 feature could cut undetected malware downloads 'in half'

Mozilla plans to introduce a feature in Firefox 32 that, based on preliminary testing, could cut the amount of undetected malware downloads in half.

EFF asks court to find NSA internet spying a violation of Fourth Amendment

EFF asks court to find NSA internet spying ...

Complete with a colorful graphic, the EFF showed a federal court how the NSA essentially runs a digital dragnet that can pick up innocent Americans.