House passes update to infosec bill

Featured eBooks
Cyber Workforce
Read Now

Law Enforcement Tech

Read Now

AI in the Workplace

Read Now
By Diane Frank

By Diane Frank

|

The House passes a bill that would update a 13yearold law regulating federal information security requirements

Computer Security Enhancement Act

Related Links

"Housesubcommittee enhances computer security bill, NIST's role"

"GAO: IT security law needed"

"Law is only part of better computer security, Congress told"

The House passed a bill Tuesday night to update a 13-year-old law regulating

federal information security requirements.

The Computer Security Enhancement Act of 1999, sponsored by Rep. F.

James Sensenbrenner Jr. (R-Wis.), amends the roles, responsibilities and

authority of the National Institute of Standards and Technology to oversee

federal agencies' information security practices and technology.

This is the second version of the bill, which members of the House Science

Committee, such as Sensenbrenner and Rep. Connie Morella (R-Md.), have introduced

but failed to get through the Senate since 1997.

The bill would solidify NIST's position as a lead agency for advising

federal agencies on security matters. It reiterates support for NIST's work

to evaluate commercial security products and practices for use in agencies

and also its work to develop guidelines and standards.

Reflecting the changes in technology since the original Computer Security

Act, the new bill focuses more on networked systems than the standalone

environment used at the time — 1987. The bill also has sections about new

authentication technologies, such as electronic signatures, while staying

as technology-neutral as possible.

The bill is now at the Senate, where it likely has only days to pass

before Congress adjourns. Should it not pass, its sponsors will have to

reintroduce it again during the 107th Congress.

NEXT STORY: NetMax sweetens open-source networking