Congressman Garamendi’s First Amendment in Congress Adopted as House Passes Major Cybersecurity Bill
Garamendi Amendment Ensures Local Awareness
of Important Cybersecurity Measures
WASHINGTON, DC – Congressman John Garamendi (D-Walnut Creek, CA), a member of the House Science and Technology Committee, was proud to submit his first amendment as a Member of Congress as the House of Representatives passed H.R. 4061, the Cybersecurity Enhancement Act of 2009. The amendment was adopted and the Act passed on a 422-5 vote.
"It was an honor to help author this important bipartisan legislation which will protect our economy from the threat of cyber attack," said Congressman Garamendi, a member of the House Science and Technology Committee. "In a digital world, where dollars and cents are increasingly represented by bits and pixels, we must make sure that our cybersecurity infrastructure is strong."
Under the Cybersecurity Enhancement Act, cybersecurity in the public and private sectors will be enhanced through an increase in cybersecurity professionals, targeted federal research and development (R&D), improved public to private cybersecurity technology transfers, and educational campaigns.
Under Congressman Garamendi’s floor amendment, the federal government will be authorized to conduct regional workshops to keep governments and businesses better informed on available cybersecurity tools.
"As a boy scout collecting my merit badges, I learned that knowledge is power," Congressman Garamendi added. "My amendment will help make sure that the tools provided in this bill will reach our local governments, businesses, and communities through regional workshops."
About the Cybersecurity Enhancement Act of 2009:
The federal government’s cybersecurity activities are divided among several agencies and programs, including the National Science Foundation (NSF), the National Institute of Standards and Technology (NIST), and the Networking and Information Technology Research and Development (NITRD) program:
- NSF is the main agency supporting non-classified cybersecurity R&D and education. Specifically, the Cybersecurity Enhancement Act of 2009 reauthorizes NSF’s cybersecurity research program, the Trustworthy Computing program, and formally establishes the Scholarship for Service program, which provides funding to colleges and universities to award scholarships to students in the information assurance and computer security fields in exchange for their service in the federal government after they have completed their training.
- NIST has two key cybersecurity responsibilities: developing federal information processing standards; and testing the effectiveness of security requirements. Because the vast majority of cybersecurity breaches are the result of current best practices not being followed, H.R. 4061 requires NIST to develop and implement a public cybersecurity awareness and education program to encourage the more widespread adoption of best practices (i.e. using unique passwords for different logons, not keeping passwords written next to the computer). Also, U.S. federal government representation in the development of international cybersecurity technical standards is incomplete and uncoordinated. Consistent with the recommendations made in the President’s Cyberspace Policy Review, this bill requires NIST to develop a plan to ensure representation in all important international cybersecurity technical standards development initiatives and that this representation works from one coordinated U.S. federal government strategy.
- The NITRD program is the primary mechanism by which the federal government coordinates its unclassified networking and IT R&D investments. Thirteen federal agencies, including all of the large science and technology agencies, are formal members of the NITRD Program; other federal organizations also participate in NITRD activities. H.R. 4061 requires the NITRD participating federal agencies to create and implement a strategic plan to guide their cybersecurity R&D efforts.
This bill would also require the Administration to conduct an assessment of cybersecurity workforce needs across the federal government. Lastly, H.R. 4061 requires the Administration’s Office of Science and Technology Policy (OSTP) Director to assemble a university-industry task force to discover new models for implementing collaborative R&D.