Bills aim at cyber R&D

Members of the House Science Committee introduced two bills Dec. 4 aimed at increasing funding and attention for cybersecurity and information technology research and development.

The Cyber Security Research and Development Act, introduced by the committee chairman, Rep. Sherwood Boehlert (R-N.Y.), addresses many of the security challenges government faces. Those challenges include the lack of far-reaching security research; too few university students focused on information security; and the lack of coordination among the federal agencies, academic institutions and companies.

The act creates several research and grants programs at the National Science Foundation and the National Institute of Standards and Technology, two agencies long involved in security research and partnering with the private sector. Funding authorized by the act for these programs totals almost $880 million across five years and includes:

* $233 million for a grants program at NSF for innovative research on basic cybersecurity issues.

* $90 million to establish a competitive grants program through NSF for universities and colleges to provide fellowships, research opportunities and other education to students pursuing doctoral degrees in cybersecurity.

* $275 million for a grant program at NIST for high-risk, cutting-edge research by academic researchers working with industry.

* $32 million to NIST for an in-house research program in cybersecurity.

"Currently, there are too few scientists and engineers engaged in research on information security and too little funding for security research," Rep. Ralph Hall (D-Texas), ranking member on the committee and co-sponsor of the bill, said at the press conference where the committee released the two bills. "And as federal agencies and private industry have found, there are too few people with specialized computer security skills."

The Networking and Information Technology Research Advancement Act, sponsored by Rep. Nick Smith (R-Mich.), chairman of the committee's Research Subcommittee, increases the funding for IT research and development at NSF, NIST, NASA, the Energy Department, the National Oceanic and Atmospheric Administration and the Environmental Protection Agency. The act authorizes almost $7 billion across five years for programs at those agencies.

To support this increase in funding, the act authorizes the agencies' continued participation in the Networking and Information Technology Research and Development Program run by the White House's Office of Science and Technology Policy. The program coordinates interagency research in areas including high-end computing, software design and productivity, high-confidence software and systems, and human/computer interaction and information management.

"Although the private sector provides the lion's share of the research funding, its spending tends to focus on short-term, applied research," Smith said. "The federal government, therefore, has a critical role to play in supporting the long-term, basic research that the private sector requires but is ill-suited to pursue."

The act also updates the High Performance Computing Act of 1991 to emphasize the importance of cybersecurity research, and directs the National Academy of Sciences to provide two studies. The first study will compare the state of IT and engineering research in the United States with that of other countries, and the second will study how to strengthen the IT workforce.