The Cybersecurity Enhancement Act of 2009, would support cybersecurity research and development and advance the creation of international cybersecurity standards.
“[This legislation] is based on the concept that in order to improve the security of our networked systems, which are fundamentally both public and private in nature, the federal government must work in concert with the private sector,” Bart Gordon, D-Ill., chairman of the House Committee on Science and Technology, said in his opening statement on Wednesday.
The legislation is a combination of two draft bills that were recently approved by House subcommittees. It incorporates the draft bill Cybersecurity Coordination and Awareness Act, approved in early November by the House Subcommittee on Technology and Innovation, to require the National Institute of Standards and Technology (NIST) to facilitate U.S. involvement in the creation of international cybersecurity standards. The legislation also includes the Cybersecurity Research and Development Amendments Act of 2009, approved in late September by the Research and Science Education Subcommittee, to require federal agencies to submit a long-term research-and-development plan detailing objectives of the initiative and the funding needed to carry it out.
The bill would implement a number of recommendations made in the 60-day Cyberspace Policy Review, a report released this May that outlines the federal government's new approach to securing cyberspace. The review recommended the federal government take a number of actions to improve cybersecurity, including: build up a cyber workforce, coordinate research and development, improve technology, promote public awareness and coordinate U.S. representation in the development of international cybersecurity standards, all of which are addressed with the bill, Gordon said in his opening statement Wednesday.