Information security research and education efforts would get a huge financial boost under a bill passed Thursday by the U.S. House of Representatives.
The House voted 400-12 to approve $880 million for the National Institution of Standards and Technology and the National Science Foundation to fund security research and provide incentives for universities to establish and maintain degree programs in network security.
The Cyber Security Research and Development Act will now move on to the Senate.
Most of the educational work will be done by the NSF, while NISTs money is earmarked for “multidisciplinary, long-term, high-risk research.”
The bill received strong support from a variety of industry groups, including the Information Technology Association of America, which praised the House for taking security seriously.
“The funding this bill earmarks is critical to increasing cyber-security research, to building a larger base of information security professionals, and to improving information sharing and collaboration among industry, government and academic research projects,” said Harris Miller, president of the ITAA, based in Arlington, Va. “Last October, I called for an investment of several billion dollars for government cyber-security, and this bill shows that the House takes information security needs very seriously by making a substantial financial commitment. While this bill takes a longer-term approach to cyber-security, it is also critical for Congress to fund–at a minimum–the presidents budget request for a 60 percent increase in IT security spending in the fiscal year 2003 budget for the governments own inadequately protected systems.”
The bills passage comes close on the heels of the release of President Bushs projected budget for fiscal 2003, which includes $4.2 billion for information security technology for the federal government.
As part of the appropriation in the House bill, NIST will commission the National Research Council of the National Academy of Sciences to perform a study of the vulnerabilities of the countrys network infrastructure and make recommendations for ways to improve the systems.
That same body last month produced a report that was sharply critical of government security efforts and urged lawmakers and private companies to devote more money and time to research.