The House Committee on Science and Technologys Research and Science Education Subcommittee marked up a bill designed to amend portions of Cyber Security R&D Act of 2005 today. The aptly named Cybersecurity Research and Development Amendments Act of 2009 (PDF) touches on several things that CRA supports including:
- Requires the development of a cybersecurity R&D strategic plan throughout the federal government
- Requires the inclusion of social and behavioral research at NSF as part of the cybersecurity research portfolio
- Specifically includes identity management as an area of research that should be supported in a cybersecurity research portfolio
- Requires NSF to create a postdoctoral fellowship program in cybersecurity
- Authorizes a cybersecurity scholarship for service program at NSF
- Requires OSTP to assess the current and future cybersecurity workforce needs of the federal government, including comparison of the skills needed by each fed agency, the supply of talent, and any barriers to recruitment
- Establishes an academic-industry task force to explore public-private research partnerships in cybersecurity
Only two amendments to the original bill language were proposed and both were adopted. The first was the managers amendment which made technical changes to the bill and clarifies the service requirements for those students participating in the Scholarship for Service program authorized in the bill. The second amendment was introduced by Congresswoman Johnson (D-TX) and seeks to increase the participation of underrepresented groups in the scholarship program and include minority institutions as stakeholders in the strategic plan. We don’t yet have copies of either the Manager’s amendment or Rep. Johnson’s, but when we do, we’ll post them here.
Both the chairman of the subcommittee, Congressman Daniel Lipinski (D-IL) and the ranking member, Congressman Vernon Ehlers (R-MI) emphasized the need for cybersecurity research to keep pace with the changing cyber threats and to ensure a sufficient workforce in cybersecurity. Ehlers mentioned that the workforce problem had been personally brought to his attention last year by a computer science professor who visited his office and discussed the drop in computing related undergraduates after the boom, a situation that we have discussed in great detail here in the past, but one that, based on the most recent Taulbee data, we believe is turning around.